How Do I Create a Strong and Unique Password?

Creating strong passwords may seem like a daunting task, especially when the recommendation is to have a unique password for each site you visit. Anyone would be overwhelmed if they had to create and memorize multiple passwords like Wt4e-79P-B13^qS.

As a result, you may be using one identical password even though you know it’s unsafe and that if it gets compromised all of your web information is exposed. Or you use several passwords, but they are all short simple words or include numbers that relate to your life they are still too easy to guess. Or, if you made hard to remember passwords (probably because your business or a website forced you to) then you likely have a list of the passwords right next to your computer - even though you know this also compromises your safety if others use your computer.

Passwords you can't remember are useless. But passwords that are too easy to remember can be easy to guess or to ascertain with a brute-force attack. With activities like personal banking and retirement increasingly migrating online, the stakes continue to rise. 

Let us help you find the best antivirus for your needs

Easily compare our antivirus products and find customized protection for every device and every budget. We have options to help you protect one or all of your laptops, desktops and mobile devices.

Take our short quiz to discover the ideal plan for safeguarding your devices, privacy, and identity — whether it's for you or your entire family.


What Makes a Password Strong?

The key aspects of a strong password are length (the longer the better); a mix of letters (upper and lower case), numbers, and symbols, no ties to your personal information, and no dictionary words. The good news is you don’t have to memorize awful strings of random letters numbers and symbols in order to incorporate all of these aspects into your passwords. You simply need a few tricks.

How to Easily Spot a Weak Password

The secret is to make passwords memorable but hard to guess. Learning a few simple skills will make creating strong memorable passwords easy. Creating them can actually be fun - and your payoff in increased safety is huge.

To understand the definition of a strong password, it’s best to go over common practices that put millions of users at risk on a daily basis. Let’s look at a few examples of weak passwords to understand why these put you at risk:

It uses common words, like “Password” 

The word "Password" is the most commonly used password. It’s also pathetically weak - as are ’default’ and ’blank’. These are simple words that can be easily guessed by a user. However, humans aren’t your only concern. Programs that use automated databases can perform a dictionary assault on your system, identifying the password easily.

It’s easy to identify, especially if someone knows you well 

A common example is using a last name + year of birth combination. Marshall1968 - though this example uses 12 characters and includes letters and numbers, it includes both a name that can be associated with you or your family, and other identifying pieces of information such as your birth year, which means it can be easily hacked.

It’s short and can be easily deciphered

Let’s say you use “F1avoR” as a password, mixing up capital letters and numbers. Here are two important reasons why this password example isn’t safe: 

  • It’s too short. A long password is a strong password. The harder a hacker or a code-breaking software application has to work, the better. Microsoft recommends passwords be at least 12 characters long, and ideally 14 or more.
  • The number of substitutions can be easily guessed. Substituting the number 1 for the letter l is easy to guess for both humans and software.

How to Keep a Strong Password Secure

So you've settled on a password that's the perfect length, obscure, and mixes letters, numbers, and cases. You're on the right track, but not to total password security just yet. 

  • Don’t reuse your passwords. If you’re using the same password across email, shopping, and other websites holding sensitive personal data (or even a local community website) and one of those experiences a breach, you’ve now exposed the other services to the risk of being breached as well.
  • Don’t write your passwords down. In can be tempting, especially in the workplace, to keep track of passwords f the old-fashioned way, but these are easily discovered.
  • Use a password manager. There are many apps that store your passwords securely. Webroot SecureAnywhere® Internet Security Plus and Webroot SecureAnywhere® Complete offer a password manager as an additional online security tool.
  • Don’t share your passwords. This one is a no-brainer, and if you must share, change it as soon as possible. It's especially risky to send a password by email, instant message, or some other insecure mode of communication.

Tips for Creating a Unique Password (That’s Also Strong)

Short answer: The secret to creating a hard-to-crack password that’s unique and easy to remember is to focus on making it memorable and making it hard to guess. Seems simple enough, right? By learning a few simple skills, you can easily create a strong and memorable password with minimal effort. Plus, creating them can actually be fun - and your payoff in increased safety is huge.

To avoid these easy to guess or hack passwords try one or more of the following tricks:

Use a phrase and incorporate shortcut codes or acronyms 

These examples let you use phrases that either means something to you, or you associate with a type of website. For example, the ’all for one and one for all’ may be the password for a social networking site where it’s all about sharing. It could be a phrase about money for a banking site, and so on.

  • 2BorNot2B_ThatIsThe? (To be or not to be, that is the question - from Shakespeare)
  • L8r_L8rNot2day (Later, later, not today - from the kid's rhyme)
  • 4Score&7yrsAgo (Four score and seven years ago - from the Gettysburg Address)
  • John3:16=4G (Scriptural reference)
  • 14A&A41dumaS (one for all and all for 1 - from The Three Musketeers, by Dumas)

Use passwords with common elements, but customized to specific sites 

These examples tell a story using a consistent style so if you know how you write the first sections, and you’re on the login page for a site you’ll know what to add.

  • ABT2_uz_AMZ! (About to use Amazon)
  • ABT2_uz_BoA! (About to use Bank of America)
  • Pwrd4Acct-$$ (Password for account at the bank)
  • Pwrd4Acct-Fb (Password for a Facebook account)

Play with your keyboard 

Considering that most computer keyboards contain 101 to 105 keys, you have a ton of options when it comes to crafting a unique password. You don’t have to think of it just as the numbers you see, but rather, as a canvas to draw on.

Keyboard Password

  • Add emoticons: While some websites limit the types of symbols you can use, most allow a wide range. Make your symbols memorable by turning them into smiley faces to instantly boost your password power.1qazdrfvgy7, is really hard to remember unless you know that it’s a W on your keyboard -that’s a lot easier to remember! You can make letters, shapes, and more just ’drawing’ on the keyboard.
  • Use commonly allowed symbols:

Common Keyboard Symbols

  • Use basic smiley faces: (Yes, these are symbols you can actually use.)

Common Smiley Faces

You’re now ready to create your own strong, long, memorable mixed-character passwords using one or more of these tricks. Or, create your own system- C?U2canCRE8Pwords;-) (See? You too can create passwords☺). Now, share the tips with others, just don’t share your passwords!

Check out these additional resources on creating passwords:

Create and use strong passwords - Microsoft
Use strong passwords - U.S. Cybersecurity & Infrastructure Security Agency

Find the right cybersecurity solution for you.