Don’t shortcut your digital privacy. Long passwords are strong passwords.
Passwords give access to the most important and private areas of your life—financial information, emails, photos, healthcare information, travel plans, work information—yet most people not only use weak passwords, they use the same password across multiple sites. It’s time to change this habit by creating and using stronger passwords.
The K2 Integrity Passphrase Generator
Current research shows that the strongest passwords are 15 characters in length or longer. However, remembering such long passwords can seem impossible. The solution? Using a five-word (or longer) passphrase, ideally one made up of randomly generated words. The key is to create a password that you can memorize but hackers can’t crack.
To generate strong passphrases, click on one of the boxes below.
Create Strong Passwords on Your Own
When creating a password, remember these best practices:
Use passwords that total more than 15 characters.
- Give each account a unique password. That way, if one password is hacked, other accounts won’t be compromised. Granted, it can be difficult to remember multiple passwords. Our advice? Instead of storing your passwords in a document, use a password manager to create a strong unique password for each account. The password manager can store and organize passwords for all the websites you access—then you’ll just have to remember one master password.
- Avoid using passwords that contain personal information. Hackers scan social media looking for personal information such as birthdays, children’s names, and favorite sports teams, and then use that information to break into your accounts. By the same token, don’t use answers to security questions that can be readily found on social media.
- Don’t use password hints or reminders when offered. The hint often gives away the password.
Enable multifactor authentication or use your fingerprint to confirm your identity when signing into accounts. Multifactor authentication combines two or more independent methods, such as a password, security token, or biometric verification, to create a layered defense and make it more difficult for an unauthorized person to hack an account.
- When sending encrypted documents, do not include the password in the same communication as the file. Send the password through another medium, such as a text or phone call.
Why the Need for Such Long Passwords?
Each month seems to bring news of another data breach with millions of stolen passwords—and each new breach provides hackers with additional intelligence. By analyzing passwords that were exposed in breaches (such as those of Adobe, LinkedIn, and Yahoo), hackers learn how people create and use passwords. Cyber criminals maintain lists of the more than 3 billion passwords obtained from all the breaches that have occurred. They also use lists of words and phrases from dictionaries, books, songs, and movies. With this information, using just an ordinary laptop, hackers can guess 10 billion password combinations per second, which means it would take them less than a day to break a password composed of fewer than nine characters in any combination (letters, numbers, or special characters).
What does this mean for you? The way you formerly created passwords is no longer secure. There is a great probability that the password lists hackers use already contain both the passwords that you commonly use, and the passwords you’re going to come up with tomorrow. To prevent your passwords from being hacked by social engineering, brute force, or the “dictionary attack” method, and to keep your online accounts safe, follow the safe-password guidelines on this page. But keep in mind that while these guidelines will help keep you secure, technology is always changing. What is considered secure today might not be sufficient tomorrow. To learn more, contact firstname.lastname@example.org.
In no event shall K2 Integrity be liable for any direct, indirect, punitive, incidental, special consequential damages whatsoever arising out of or connected with the use or misuse of the Passphrase Generator. Passphrases are generated on your computer and are never sent to K2 Integrity.