10 Best Practices for Creating and Securing Stronger Passwords, by Kenny Kline, Oct. 10, 2024

From https://www.godaddy.com/resources/skills/10-best-practices-for-creating-and-securing-stronger-passwords

There’s never been a better time to beef up your security with stronger passwords. A recent Forbes study showed that over 46% of Americans had their password stolen within the past year.
Poor password and website security are significant concerns, making it easier for hackers to access highly personal information. Meanwhile, better hacking tools and lower hacking costs mean there are more hackers than ever before.
How to create better passwordsWhile there is no way to guarantee that your accounts won't be hacked, one of the best lines of defense is to create stronger passwords.1. Never use the same password for multiple accountsUsing the same password across different sites is a surefire way to decrease the security of said password. If a hacker determines your password for one site, they’ll be equipped to hack more of your accounts without any extra work on their part. The simplest way to avoid this disastrous scenario is to utilize not just stronger passwords, but distinct ones for each and every account.2. Don’t use personally identifiable termsSure, using your son’s nickname, your favorite movie, your pet’s name and so on in your passwords makes it easy to remember them. But it makes them easy to hack, too.Strong passwords do not have personal ties. Hackers can find out these tidbits by mining your social media profiles, and odds are good that personally identifiable information will be the first thing they try if they’re attempting to log into your accounts. Avoid using this info in passwords and opt for something that’s harder to guess instead. (More on that in the next point.) On a related note? Always be mindful of what you share online. Giving away too much personal information via your social media presence makes it all the easier for hackers to gain access to your accounts. Stronger Passwords NumbersAll right, it’s time to get into the nitty gritty of what makes for a stronger password — make passwords long and unusual.3. Avoid using common words or phrasesIn other words? “Password,” “12345” and “qwerty” are out. Also remember to avoid using easily identifiable information such as your spouse’s name, your wedding date and so on.4. Use different types of charactersInstead of opting for just letters or just numbers, opt for a mixture of characters — including ones such as %, @, $, numbers, uppercase and lowercase letters, and so on. Using lots of different character types makes it harder to guess your password. It might help to think of a phrase in words, and then identify places to add in different characters. For example, “I am a fly fishing fanatic” might turn into iAm@fLyf!sh!ngF@n@t%c.5. Make it longThe same Consumer Reports survey cited above found that 29 percent of people who use passwords for sensitive accounts utilize a password that has seven or fewer characters. That’s bad news, because the report also found that longer passwords take significantly longer to crack. (We’re talking the difference of weeks or even years!) Opt for eight characters at an absolute minimum; somewhere in the neighborhood of 15 is even better if you’re serious about stronger passwords. Related: How can you help protect your website from hackers?6. Consider spelling things wrongIntentional spelling mistakes can make it harder to guess a password. For example, the word “fantastic” might be guessable, but the word “fentestic” would be harder to crack.7. Utilize multi-factor authenticationAs the landscape of digital security evolves and stronger passwords become less of a sure thing from a security standpoint, multi-factor authentication is emerging as one potential solution. Two-factor authentication requires that you both know the password for an account and possess a device that is linked to that account in some way. For example, after trying to log into your account, you might receive a text on your phone with a code that allows you to complete the login process. Unless you have both the password and the extra security code, it will be darn near impossible to log in. Enabling two-factor authentication can make it much more difficult for hackers to access your account. 8. Change your passwords regularlyPasswords degrade in quality over time, because the longer a password is in use, the more time hackers have to attempt to crack it. Stay one step ahead of cybercriminals by changing your passwords on a regular basis. As a general rule, it’s a good idea to change out all of your passwords at least every three months. Make sure to never reuse old passwords. Stronger Passwords ChangeEven stronger passwords won’t protect you if you don’t protect them.9. Never save or share passwordsNever save your passwords or check the “remember me” box when you’re using a public computer. Better yet, try to avoid logging into personal accounts unless you’re on a private device. Avoid sharing your passwords with other people whenever possible. Never share your password unless you are sharing it in person with someone you deeply trust. If you have a written list of passwords to help you remember them, avoid storing this list on your computer or phone. Because electronic devices are hackable, this means you could potentially put all of your accounts at risk. If you must keep a list of passwords, use pen and paper and store the list in a secure place. Whenever possible, avoid writing down your stronger passwords — period.10. Use a password managerIf you’re struggling to manage your stronger passwords (now that you’ve got them), consider using a password management system. Here's a roundup of some of the best password managers.Stay vigilantRegularly crafting stronger passwords (plus having to remember them) can be a real pain. But taking the time to create stronger passwords is undoubtedly less of a hassle than dealing with the fallout of being hacked. Follow these