Skip Navigation Logo for: Exposure

Protect Your Online Data with These Tips for Strong Passwords


pass phrase graphic

With so many people working from home and replacing in-person interactions with online transactions, keeping your online data safe is more important than ever.

Almost every internet transaction requires that you enter personal information, including your name, address, financial information, and more. One of the most important security safeguards you can take is using strong, unique passwords for every app, website, and online account you use.

You probably have dozens, if not hundreds of passwords, so remembering them all can be a challenge. Using one password for multiple accounts can solve that problem, but it creates a much worse one. If a site you use is hacked or your password is stolen, the criminal will automatically have access to all other accounts that use the same password—sometimes before you even know your security is compromised. Creating strong, unique passwords for each account is the best way to keep that information safe.

Fortunately, security experts now recommend using a passphrase rather than a complicated, hard-to-remember password filled with random symbols. Choose a passphrase that is at least 15 characters, and includes numbers, special characters like & and #, and upper and lowercase letters. For example: BluePenguins67&Everywhere.

The benefit of using a passphrase is that you can choose one that makes sense to you, but that no one else could guess. Make sure you don’t use any words that could be easily associated with you, like your name or the names of family members, friends, or pets; street names; school or sports teams; etc. Basically, if it’s something that could be figured out by doing a Google search of your name or looking at your social media pages, don’t use it in your passphrase. Also, avoid using actual phrases like lines from poetry, common sayings, or famous quotes.

In addition to coming up with strong, unique passphrases, follow these tips to keep your data secure:

  • Don’t log into any website while using public Wi-Fi
  • Use anti-malware software such as Bitdefender or Malwarebytes
  • Install software and operating system patches and updates when prompted
  • Look for the lock sign before the URL in the address bar of any website you visit. This indicates the site uses SSL for added security
  • Be aware of email phishing scams and don’t click on any suspicious links
  • Don’t allow your browser to store your credit card data or passwords
  • Never write down passwords and leave them in plain sight (like on a sticky note attached to your monitor)
  • Never send passwords via email
  • Never give out your passwords to someone who calls and claims to be from a company or website
  • Consider using a password manager such as LastPass, Dashlane, or 1Password
  • When available, opt for two-factor authentication, which requires an extra piece of information, like a unique code sent to your phone, when someone tries to log in to your account from an unrecognized device
  • Test the strength of your passwords with a tool like, which tells you how long it would take a computer to crack them