Do you use the same password for everything you do online?

If so, you may be giving away the keys to the kingdom! But you could have the same problem if you use so many different passwords that you have to write them down to remember them. In the wrong hands, that slip of paper with all your passwords is like gold. Worse still is recording all of your passwords in a file or document on your computer — a cybercriminal’s dream come true!

How “complicated” should a password be, in order to be considered secure? There’s no set answer, but some recommendations appear to be universal:

  • The longer the password, the better.
  • Don’t use the same password everywhere.
  • Include a number and/or special character in your password (required by many sites).
  • Make it easy to remember, not easy to figure out.

There are extremes. Microsoft® recommends passwords that are at least 8 characters long, that cannot be found in the dictionary, are not words spelled backwards, do not use your personal information, and do not have repeated numbers or characters. Microsoft will also test the strength of your current password(s), to see how you rate in the password safety zone. 

Remember to change your password(s) often. To remind yourself to do it at least twice a year, consider syncing with Daylight Savings Time and making the change when it’s time to turn your clocks back/ahead (and change your smoke detector batteries!).