Why Are Strong Passwords Important?
Strong passwords, paired with multi-factor authentication (or two-step verification), are key to protecting your accounts and information. A weak password allows cybercriminals to easily compromise your accounts and access your information. Attackers can guess your password based on trends and patterns discovered within your organization and on worldwide usage. They can trick you into giving them your passwords (through social engineering or phishing), and they can use automated software to systematically test every possible password until they crack it.
These statistics emphasize the importance of using strong passwords:
- In 2022, over 24 billion passwords were exposed by hackers.1
- Over 80% of data breaches involve the use of lost or stolen credentials.2
What Makes a Password ‘Strong’?
Strong passwords are at least 12 characters long. Studies have shown that character length is a greater indicator of password strength than password complexity. Regardless, it doesn’t hurt to have a complex password as well. If passwords are difficult to remember, try not to write them down. Instead, use passphrases to make your passwords difficult to crack, but easy for you to remember. Additionally, password managers can be helpful in storing many lengthy and complex passwords.
How to Choose a Password
Choose, use, and manage strong passwords. Never reveal or share your passwords and don’t use the same passwords for different systems.
YES
- Create a unique password that can’t be easily guessed by a cybercriminal.
- An effective way to create a strong password is to choose four random words and string them together to create a passphrase. The randomness of the word choice and length of the passphrase makes it strong. Add punctuation, numbers, or special characters for extra strength.
  - Example: Crying!HampsterPumpkinBalloon4
  - Do not use the above example as your password.
NO
- Your password should not contain information about you.
- Never use personal information that could be easily guessed or accessed, like your birthday. It’s easy for you to remember, but it is also easy for a cybercriminal to guess.
- Do not use words or phrases that are common in the Church (e.g., scripture references, names of prophets, etc.), as criminals study organizational behavior and can guess those as well.
Remember
- Use as many characters as possible; try for 12-15.
- Use uppercase and lowercase characters.
- Use punctuation, numbers and special characters.
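The four-random-word passphrase method described above, as an added Python example that is not part of the original page: it draws the words with a cryptographically secure random source and compares the resulting entropy with that of a fully random 8-character password, which shows why length outweighs complexity. The short word list, the symbol set and the 7,776-word list size are assumptions chosen for illustration.

```python
import math
import secrets

# Constructed sample list, far too small for real use (assumption for the demo).
SAMPLE_WORDS = ["anchor", "balloon", "cactus", "dolphin", "ember", "falcon",
                "glacier", "harbor", "island", "jigsaw", "kettle", "lantern",
                "meadow", "nectar", "orchid", "pumpkin"]
SYMBOLS = "!?#%&*"   # assumed symbol set
MIN_LENGTH = 12      # minimum length recommended on this page


def make_passphrase(words=SAMPLE_WORDS, count=4):
    """Join `count` randomly drawn words, then add one symbol and one digit."""
    if count * max(map(len, words)) + 2 < MIN_LENGTH:
        raise ValueError("word list cannot reach the minimum length")
    while True:
        # secrets draws from the OS CSPRNG; the random module is predictable.
        parts = [secrets.choice(words).capitalize() for _ in range(count)]
        parts[secrets.randbelow(count)] += secrets.choice(SYMBOLS)
        phrase = "".join(parts) + str(secrets.randbelow(10))
        if len(phrase) >= MIN_LENGTH:
            return phrase


def passphrase_bits(list_size, count=4, symbols=len(SYMBOLS)):
    """Entropy of make_passphrase(): each random choice adds log2(options) bits."""
    return (count * math.log2(list_size)   # the words
            + math.log2(count)             # which word gets the symbol
            + math.log2(symbols)           # which symbol
            + math.log2(10))               # the trailing digit


def random_string_bits(length, alphabet_size=94):
    """Entropy of a fully random string over the 94 printable ASCII characters."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    print("sample passphrase:", make_passphrase())
    print(f"4 words from a 16-word list:    {passphrase_bits(16):.1f} bits")
    print(f"4 words from a 7,776-word list: {passphrase_bits(7776):.1f} bits")
    print(f"random 8-character password:    {random_string_bits(8):.1f} bits")
```

The entropy figures hold only when the words are drawn at random; words a person picks for themselves are far easier to guess than the arithmetic suggests.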
Additional Password Tips:
- Increase complexity
  - Using a combination of numbers, special characters, and upper and lowercase letters will increase the complexity of your password and make it more difficult to crack.
- Avoid personal information
  - Do not use personal information such as names, significant dates, pet’s names, or anything that can easily be found or guessed.
- Updating your password frequently will make it difficult for hackers to guess and for software to gain access.
  - Even if access is gained, changing your password regularly can reduce the amount of time the attacker has access to your account.
- DO NOT reuse passwords.
  - Using the same password on multiple sites and accounts can make it easier for an attacker to break in. An attacker might be able to gain access to your password on a less secure site and then use that password to access your more sensitive accounts.
- Enable Two-Step Verification
  - Two-step verification or multi-factor authentication can drastically increase the security of your accounts. To help prevent yourself from being susceptible to forms of credential stealing, make sure that you have multi-factor authentication enabled on your accounts. Additionally, turn on security alerts that will notify you if your account is being used on a computer or device you’ve never logged into.
- Utilize a Password Manager
  - Using a reputable password manager will enhance your credential security. These tools store passwords for your accounts and enable you to have complex and unique passwords for each account. Password managers help reduce the risk of passwords being weak, reused, forgotten, or compromised.
Passwords are the first line of defense in your information security. Take the time to create strong, unique passwords that will help keep you and your information secure.