Ask the Techspert: Strong Passwords
Multiple studies show that an average internet user has 20 to 100 online accounts. These accounts could be for work and personal emails, social media profiles, online banking, entertainment, insurance, online shopping, and more.
With so many accounts, clearly most of us are guilty of using the same passwords or similar ones. We ought to know that doing so goes against the best practices of protecting personal information online. All online accounts should have strong and unique passwords to protect your personal information.
What is a strong password?
Let’s first rule out the common belief that switching a couple of letters of a weak password with symbols or adding a `1`or `!` to its end would make it stronger. The picture below shows some of the weakest and most common passwords worldwide.
For a long time, the idea was that the strength of a password is only measured by how complicated it is. Following this approach, we all know there is a fine line between a strong password and a user-friendly one.
After extensive research on password security, experts found that the length of a password is a better indicator of its strength. Moreover, using passphrases can solve the dilemma of having a secure and user-friendly password. Passphrases are similar to passwords but longer to add security.
Tips for creating a secure passphrase:
- Use or make up a sentence or phrase that is easy for you to remember but hard for hackers to crack
- Add your own encoding: include a combination of upper- and lower-case letters, special characters, and punctuation.
Following the above tips, let’s create a secure passphrase:
- The chosen sentence is “Let’s age with attitude!”
- My own encoding: Let’s capitalized the first letter of each word and use the symbol `@` in place of the letter `a` and the number `1` in place of the letter `i`.
- Our strong passphrase becomes:“Let’s @ge W1th @tt1tude!” (Note: do NOT use this as your password!)
Here are more examples: (Please remember to NOT use them as any of your passwords!)
No matter how user-friendly a strong password can be, remembering twenty to a hundred of them is still very challenging. The obvious course of action to remedy this problem is to save a list of all passwords somewhere.
Where to save passwords?
The short answer is: Password Manager.
A password manager is a program that holds all your passwords with other associated information (usernames and platforms) in one place, with only one master password. Password managers can do the hard work of creating strong passwords and save them for you to access when needed.
These programs are heavily encrypted and often require two-factor authentication to access the content. That means each time you or anyone attempts to log in to any of the two accounts, a unique and one-time verification code is sent to your mobile phone. Therefore, they are more secure than saving your passwords in a document on your computer or writing them down on a piece of paper.
Examples of password managers
Here are three very common password managers that also let you know whenever any of your passwords is compromised:
- iCloud Keychain Access: works directly with all your Apple devices and products through your iCloud account. (Free)
- 1Password: standalone app available for Android, Apple, and Windows devices. (Paid option)
-
Bitwarden: a free, open-source password manager available on most devices and browsers. (Free with paid options)
You can learn more about password managers from the WIRED article at this link.
Passkeys: A Password-less Future
A growing alternative to traditional passwords is the use of passkeys. Instead of remembering or typing a password, your device securely creates and stores a private key, while a public key is saved by the website. When you log in, the two connect, without exposing your private key. This makes it nearly impossible for hackers to steal your credentials, even if a company’s servers are breached.
Here’s how it feels in practice: imagine you’re logging into your PayPal account. Instead of typing a long password, a small box pops up on your phone asking you to confirm with your fingerprint or face scan. You tap once, and you’re in. No typing, no remembering – just a quick confirmation, like unlocking your phone.
Major platforms like Amazon, Apple, Google, PayPal, and more already support passkeys.
The benefit is clear: no more remembering dozens of passwords. However, you’ll need to ensure your device itself is secure (with a lock code or fingerprint), and some older devices may not support this new method yet.
3 best practices to keep in mind
- Always use unique passwords. Using the same password will link the security of multiple online accounts to only one password.
- Avoid using your password manager account on a device that is not yours. If you do, make sure to sign out of it once done. Furthermore, never agree to save your password on a device that is not yours.
- Most likely, your two most important passwords are the ones for your primary email address and your password manager account. Anyone with access to your primary email account can change the password of any other online account created with that email. Plus, in cases like Gmail, your email account is directly linked to one of your password managers. Consequently, these passwords should always be memorized and never be shared. They should also use two-factor authentication for extra security.
Feel free to comment below with any question about passwords. How many online accounts and passwords do you have? How do you handle them?
Techspert Jonathan is Senior Planet’s Digital Community Specialist and a former Senior Planet San Antonio technology trainer. He is also an iOS developer with a background in Information Systems and Cyber Security.
Have a tech question that’s got you stumped? Send your tech questions to Techspert Jonathan using THIS FORM. He’ll be tackling one question a month from readers.
Jonathan, Senior Planet’s Techspert columnist, answers one of your questions every month… but for exclusive tech reports, talks, webinars and more, become a Senior Planet official Supporter. Learn more about becoming a Supporter and access to exclusive events and offerings here.
Interested in personalized content? Sign up for free
Create an account and join our vibrant community to get reminders on classes and unlock a more personalized experience.
Comments
My wife and I share bank accounts, utility, and other accounts. Wouldn’t passkeys make our sharing access much more difficult?
That’s a great question! Yes—passkeys can make communal or shared banking harder to access, unless banks design specific features for shared use. The friction comes from how passkeys are inherently tied to one person, one device, while communal finance relies on multiple people accessing the same account. You should check with your financial institutions to see if they have a feature to make it more accessible to the two of you.
I use a product called LastPass. I love it and I believe the cost is under $50 a year.
Support has been great and your passwords are encryted safe with an encryption only you have.
Every time I update a password I get shut out of the program and I can’t get in. I am blocked for too many attempts.
Hello Nancy. If you are still having issues with logging into your account, we invite you to call the Senior Planet Hotline at 888-713-3495. There are agents available from 9am to 8pm Eastern (M-F) and 9am-2pm on Saturday. They can help you troubleshoot your tech issues.
Great article. I thought I was doing well with passwords but now I know I have room for improvement.
now i no that i need a srong password.