How to make a secure password

Four Methods to Create a Secure Password You’ll Actually Remember

How do you balance the necessity of highly secure passwords with the utility of easily recalling them all? The only secure password is one that you can’t remember, but there are times when you can’t use a password manager and need to rely on your memory.

This post originally appeared on the Buffer blog .

It’s a question I mull each and every time a security breach happens. When the Heartbleed vulnerability was discovered last spring, the mandate was for everyone to change all their passwords right away. It’s still on my to-do list. I cringe at the thought of getting hacked, and I also cringe at the thought of taking the time and mental energy to do a complete overhaul of my favorite passwords.

Does this sound like you?

Eyewear and Contacts
Grab a backup pair or a sweet new accessory with sales this entire month.

The rest of us are still searching for a solution. We know that creating a safe password is paramount, but how does one actually go about creating and recalling all those essential, random passwords we need? It took writing this post to get me on the straight-and-narrow with my passwords. Here’s what I learned about how to create a secure password you can remember.

The Anatomy of an Unbreakable Password

The longer the password, the harder it is to crack. Consider a 12-character password or longer.

Avoid names, places, and dictionary words.

Mix it up. Use variations on capitalization, spelling, numbers, and punctuation.

These three rules make it exponentially harder for hackers to crack your password. The strategies employed by password crackers have advanced to an incredibly efficient level, so it’s imperative to be unusual with the passwords you create. Here’s an example from security expert Bruce Schneier about just how far password crackers have come:

Crackers use different dictionaries: English words, names, foreign words, phonetic patterns and so on for roots; two digits, dates, single symbols and so on for appendages. They run the dictionaries with various capitalizations and common substitutions: «$» for «s», «@» for «a», «1″ for «l» and so on. This guessing strategy quickly breaks about two-thirds of all passwords.

Recent password breaches at sites like Adobe have shown how insecure many of our passwords are. Here is a list of the most common passwords that turned up in the Adobe breach. It probably goes without saying: Avoid using these passwords.

Four Methods for Choosing an Unbreakable Password

The only problem with coming up with a random, unbreakable password is that random passwords are hard to remember. If you’re solely typing in characters with no rhyme or reason—a truly random fashion—then you’ll likely have as hard a time remembering it as someone will cracking it.

So it makes sense to go with a seemingly random password, one that is near impossible for cracking software to recognize but that has meaning or familiarity for you. Here are four methods to try.

Bruce Schneier’s Method

The sentence can be anything personal and memorable for you. Take the words from the sentence, then abbreviate and combine them in unique ways to form a password. Here are four sample sentences that I put together.

WOO!TPwontSB = Woohoo! The Packers won the Super Bowl!

PPupmoarT@O@tgs = Please pick up more Toasty O’s at the grocery store.

1tubuupshhh…imj = I tuck button-up shirts into my jeans.

W?ow?imp::ohth3r = Where oh where is my pear? Oh, there.

The Electrum Method

Managing a Bitcoin wallet requires a high level of security and a huge reliance on safe passwords. Enter Electrum. The Electrum wallet offers a 12-word seed that lets you access all your Bitcoin addresses. The seed serves as a master password for your Bitcoins.

This type of password is also called a pass phrase, and it represents a somewhat new way of thinking about security. Instead of a difficult-to-remember string of characters, you can make a lengthy phrase instead. (Note: Bruce Schneier warns that password crackers now put together common dictionary words in their guesses, so if you try the pass phrase method, keep it as long as possible.)

The idea for pass phrases is captured quite nicely in this comic from xkcd :

How can you create a 12-word seed of your own? It’s as simple as it sounds. Come up with 12 random words.

When placed into a password checker, the 12-word pass phrase above shows that it will take 238,378,158,171,207 quadragintillion years for a brute force attack to crack.

The PAO Method

Memorization techniques and mnemonic devices might help you remember an unbreakable password. At least, that’s the theory put forth by Carnegie Mellon University computer scientists who suggest using the Person-Action-Object (PAO) method to create and store your unbreakable passwords.

PAO gained popularity in Joshua Foer’s bestselling book Moonwalking with Einstein . The method goes like this:

Select an image of an interesting place (Mount Rushmore). Select a photo of a familiar or famous person (Beyonce). Imagine some random action along with a random object (Beyonce driving a Jello mold at Mount Rushmore).

The PAO method of memorization has cognitive advantages; our brains remember better with visual, shared cues and with outlandish, unusual scenarios. Once you create and memorize several PAO stories, you can use the stories to generate passwords.

For example, you can take the first three letters from «driving» and «Jello» to create «driJel.» Do the same for three other stories, combine your made-up words together, and you’ll have an 18-character password that’ll appear completely random to others yet familiar to you.

Phonetic Muscle Memory

I’ve developed a bit of a fondness for a personal password system of mine that I’ve used to create some strange, unusual, random passwords over time. My method relies on a couple of helpful remembering devices: Phonetics and muscle memory. Here’s how it works:

One at a time, change your passwords on your most-commonly-used websites. It’ll take a time or two of typing in these new passwords before you have the new them fully memorized, but typing it in enough should cement it in your brain. I still remember passwords from years ago based on this method.

The Next Most Important Step for a Secure Password

After creating your super-secure password, there is still one huge, all-important step remaining: Never reuse the same password.

Oof. I imagine a lot of folks get hung up on this part. Creating and remembering a unique password is challenging on its own, much less doing it multiple times. I seem to sign up at a new website or service once per day. That’s 30 new passwords a month, and I’m afraid my brain cannot hold all that in.

How do you manage to create unique passwords, never reuse a single one, and still log in with speed and efficiency (and without hitting the «forgot password» link)?

This is where the question of security versus usability really hits home for me. Fortunately, there are a number of different approaches you can take to solving this conundrum.

Sign Up for a Password Management Tool

Some of these password management tools integrate nicely within your browser or even on a mobile device. The encrypted data is stored safely (the tools are as safe as you can get online) and passwords are retrieved easily. In almost every instance, a password manager is the best way to go, and you might only notice inconveniences when you’re logging in from a foreign device or a spot where you can’t access the service (truly rare instances).

Which Password Manager Is The Most Secure?

Dear Lifehacker, I’m looking for a password manager, after you convinced me I really need to use…

Create and use strong passwords

One of the most important ways to ensure that your online accounts are safe and secure is to protect your passwords. Follow this advice to help keep your accounts out of the wrong hands.

Create strong passwords

Password security starts with creating a strong password. A strong password is:

At least 12 characters long but 14 or more is better.

A combination of uppercase letters, lowercase letters, numbers, and symbols.

Not a word that can be found in a dictionary or the name of a person, character, product, or organization.

Significantly different from your previous passwords.

Easy for you to remember but difficult for others to guess. Consider using a memorable phrase like «6MonkeysRLooking^».

Tip: Don’t want to think up your own strong passwords? Microsoft Edge can create and remember strong, unique, passwords for you. See Use Password Generator to create secure passwords.

Secure your passwords

Once you’ve created a strong password, follow these guidelines to keep it secure:

Don’t share a password with anyone. Not even a friend or family member.

Never send a password by email, instant message, or any other means of communication that is not reliably secure.

Use a unique password for each website. If crooks steal your account information from one site, they’ll try to use those credentials on hundreds of other well-known websites, such as banking, social media, or online shopping, hoping you’ve reused the password elsewhere. That’s called a » Credential stuffing attack» and it’s extremely common.

If you don’t want to memorize multiple passwords, consider using a password manager. The best password managers will automatically update stored passwords, keep them encrypted, and require multi-factor authentication for access. Microsoft Edge can remember your passwords for you and automatically fill them in for you when needed. See Save or forget passwords in Microsoft Edge.

It’s ok to write your passwords down, as long as you keep them secure. Don’t write them on sticky notes or cards that you keep near the thing the password protects, even if you think they’re well-hidden.

Rather than writing down your password, consider writing down a hint that reminds you of what the password is. So if your password is «Paris4$pringVacation» you could write down «Your favorite trip.»

Change passwords immediately on accounts you suspect may have been compromised.

Tip: Microsoft Edge has a password monitor feature that can let you know if we spot that any of your passwords have been compromised in a data breach. For more information see Protect your online accounts using Password Monitor.

Enable multifactor authentication (MFA) whenever available. MFA requires more than one kind of credential to sign into an account — such as requiring both a password and a one-time code generated by an app. This adds another layer of security in case someone guesses or steals your password. For more information see What is: Multifactor authentication.

Tip: If you’re asked to create answers to security questions, provide an unrelated answer. For example, if the question is «Where were you born?» you might answer «Green.» Answers like these can’t be found by trolling Twitter or Facebook. (Just be sure they make sense to you, so you’ll remember them.)

Don’t be tricked into revealing your passwords

Criminals can try to break your password, but sometimes it’s easier to exploit human nature and trick you into revealing it.

If you receive an email message that appears to be from an online store (like eBay or Amazon) or a phone call from your “bank” that tries to convince you of the “legitimate” need for your password or other sensitive information, it could be a phishing scam. (You may have heard these con games referred to as » social engineering».)

Here are some guidelines to follow to protect your passwords and other sensitive information:

Be wary of anyone who is requesting sensitive info from you, even if it appears to be someone you know or a company you trust. For example, a crook may have hijacked a friend’s account and sent email to everyone in the friend’s address book. Treat all unexpected requests for sensitive info with caution.

Never share your password in response to an email or phone call — for example, to verify your identity — even if it appears to be from a trusted company or person.

Always access websites using trusted links. Scammers can copy the look of a company’s communications to fool you into clicking a phony link or attachment, so use caution with links that appear in unsolicited emails, social media, or SMS messages.

If in doubt, go directly to the official website of the bank or other service you’re trying to access using your own bookmark or by typing the legitimate address of the service yourself.

How to create a good and strong password

We all got a lot of sensitive data stored on our online accounts that we want to keep secure. However, most of it is protected by pretty weak passwords. Creating a really strong password should do the job. But, as we all know, it’s a fine line between choosing a password that no one else will be able to guess and one that’s easy for you to remember.

Luckily, there are loads of ways and ideas to create strong passwords, such as using a unique password generator tool. Here, we’ll walk you through our tips and tricks for choosing and setting up secure passwords for your online accounts. And we’ll share some of our favorite methods for keeping your passwords safe and ways of making sure you don’t have to hit the “Forgotten password” link ever again.

How to generate a strong password?

What is a strong password?

A strong password is one you can’t guess or crack using a brute force attack. Hackers use computers to try various combinations of letters, numbers, and symbols in search of the right password. Modern computers can crack short passwords consisting of only letters and numbers in mere moments.

As such, strong passwords consist of a combination of uppercase and lowercase letters, numbers and special symbols, such as punctuation. They should be at least 12 characters long, although we’d recommend going for one that’s even longer.

Overall, here are the main characteristics of a good, secure password:

When you’re setting up an online account, there’ll often be prompts reminding you to include numbers or a certain number of characters. Some may even prevent you from setting a “weak password”, which is usually one word or number combination that’s easy to guess.

But even if you don’t get reminded to set a strong password, it’s really important to do so whenever you’re setting up a new online account or changing passwords for any existing account.

A long password is a good password

When it comes to password security, length really does matter. We recommend opting for a password that’s at least 12 characters long, even longer if you can.

Each additional symbol in a password exponentially increases the number of possible combinations. This makes passwords over a certain length essentially uncrackable, assuming you’re not using common phrases.

A strong password isn’t obvious

A good password needs to be something that’s really difficult for someone else to guess or crack, so don’t go for anything really generic, like “password” or “12345”. The latter two choices are still among the most popular passwords in the world, and they’re also among the least useful.

Good passwords can’t contain memorable keyboard paths

Don’t use sequential keyboard paths, like “qwerty”, as hackers are likely to crack these. If you spent no effort in thinking of a good password, the chances are the hackers won’t need much effort to crack it.

Password strength isn’t personal

It’s really important that you don’t use anything personal to you, like a nickname, your date of birth or your pet’s name. This is information that’s really easy for a hacker to find out simply by looking at your social media, finding your online work profile or even just by listening in on a conversation you’re having with someone else.

A good password should be unique

Once you’ve created a strong password, you might well be tempted to use that password for all your online accounts. But, if you do that, it leaves you more vulnerable to multiple attacks.

After all, if a hacker manages to discover your password, they’ll then be able to login to every account you use that password for, which might include your emails, your social media and your work accounts.

A lot of people use the same password for everything because it’s easier to remember. But don’t worry because we’ve got loads of tips and tricks to help you manage multiple passwords a bit further down.

Avoid past passwords

It’s also really important to make sure you don’t recycle your passwords, particularly if they’ve been hacked before. This may seem obvious, but once you’ve used a password, you shouldn’t reuse it. Even if you haven’t used it for years, it’s best to come up with a new one. Especially if you’ve had issues with a password being hacked in the past.

Special characters in passwords

Although using special characters in your passwords is a really good way of making them extra secure, not all online accounts allow you to use any symbol you like. But most will allow you to use the following:

Good password examples

Here are some good examples of strong passwords:

They all consist of a seemingly random and long (more that 15 characters) collection of uppercase and lowercase letters, numbers and special characters. These passwords are not generic, and don’t contain any memorable keypaths or personal information which hackers could use.

Ideas for creating a good password

Luckily, there are loads of things you can do to create unique and strong passwords for each of your online accounts. We have a ready-made password generator tool that generates unique and almost impossible to crack passwords. Alternatively, you should follow our top tips and ideas on how to setup a good password:

Use a password generator

If you don’t have time to come up with your own strong passwords, a password generator is a really quick and easy way to get a unique and strong password. Our own secure password generator will create a sequence of random characters. Copy and use it as a password for your device, email, social media account, or anything else that requires private access.

Top-notch password managers also include secure password generators. For example, NordPass can help you create unique and unbreakable passwords as well as passphrases.

Choose a passphrase rather than a password

Passphrases are much more secure than passwords because they’re typically longer, making them more difficult to guess or brute force. So instead of choosing a word, pick a phrase and take the first letters, numbers and punctuation from that phrase to generate a seemingly random combination of characters. You can even substitute the first letter of a word with a number or symbol to make it even more secure. Or try swapping out words for punctuation like we used to back in the days of text slang, if you can remember back that far.

Here are some examples of how you can use the passphrase method to create strong passwords:

Note: don’t use common phrases, because these are vulnerable to dictionary attacks – random combinations are what you want.

Opt for a more secure version of dictionary method

A popular method for choosing a password is to open a dictionary or book and choose a random word. But, as random as it may seem to you, a single word is actually quite easy for a hacker to guess.

So rather than opting for just one word from the dictionary, choose a few and string them together along with numbers and symbols to make it much trickier for someone to figure out.

Here are some examples of good password ideas created with this method:

Play around with phrases and quotes

If you want a password that’s difficult for others to guess, but easy for you to remember, it can be a good idea to use a variation on a meaningful phrase or quote. Simply take a phrase you’ll remember and swap out some of the letters for numbers and symbols.

Here are some examples of strong password ideas generated with this method:

Use emoticons

If you want to add symbols to your passwords without making them harder to remember, you can always use emoticons.

Although you won’t be able to add in emoji, you can use emoticons, which are the coded versions, usually made up of punctuation, letters and/or numbers.

Here are some emoticons that you can use in your passwords:

Customise your passwords for specific accounts

Once you’ve come up with a strong password that you can remember, you’ll still have to create different passwords for each of your online accounts. But, rather than starting the whole process again, you could simply add a different code into your password for each online account.

So, for example, if your password was cHb1%pXAuFP8 and you wanted to make it unique for your eBay account, you could add £bay on the end so you know it’s different to your original password but still memorable.

Here’s how that could work:

Commit your password to muscle memory

If you want to remember your password, it can be a good idea to practice typing it several times over. Eventually, if you type it correctly enough times, you’ll develop a muscle memory that’ll mean it’s much easier for you to remember.

However, it’s quite a challenge to remember at least a dozen of long and unique passwords of all your accounts. So, this technique is only applicable with short, 4 or 6 digit passwords that you use to unlock your device or your password manager.

How to keep your passwords safe

Now that you’ve set up a strong password for each of your online accounts, the next step is to keep them safe and secure from hackers.

Here are some of our top tips on how to do that:

Choose a good password manager

Whether you’ve generated your own strong passwords or you’re looking for an online service to do it for you, we strongly recommend using a good password manager. A secure password manager generates, stores and manages all your passwords in one safe online account. This is really useful because it allows you to use as many unique passwords as you like without ever having to worry about memorising them.

All you need to do is save all your passwords for every online account you have on your password manager and then protect them with one “master password”. This means you only have to remember one strong password as opposed to every single one.

Once you’ve got your password manager set up, whenever you go to login to one of your online accounts, you simply type your master password into your password manager and it’ll auto-fill in your login details for this account. You don’t even need to remember which email address or username you used. A secure password manager will fill all this in for you. Here are some of the best password managers in 2022.

It may seem insecure to keep all your passwords in one place. However, a reliable password manager, like NordPass, is the most secure place to store your credentials. Providers never keep your vault’s master password, so hackers cannot steal it even if they breach the database.

Use two-factor authentication

Even if someone does manage to steal your password, you can still prevent them from accessing your account by adding in an additional layer of security with two-factor authentication (2FA). This means that anyone trying to login to your account will have to enter a second piece of information after the correct password. This is usually a one-time code that’ll be sent directly to you.

Sometimes this will be sent to you via text message, although this isn’t necessarily the most secure way of receiving that code. After all, a hacker could steal your mobile number through SIM swap fraud and access your verification code.

We’ve found it’s much safer to use a two-factor authentication app instead, as they’re much trickier to intercept. Our favourites include:

Don’t save your passwords on your phone, tablet or PC

This may sound obvious but you must avoid saving any of your passwords in a document, email, online note or anything else that could be hacked.

Check if your email has been leaked

Of course, it’s really important to keep on top of any data breaches that may have occurred, particularly with your email account.

But how do you know if your email has been leaked? Well, we have an online personal data leak checker, which will let you know if anything like this has happened to your email account. All you need to do is enter your email address and we’ll be able to tell you if anything has happened to it.

Don’t give out your password

Last but not least, it’s really important to keep your passwords private. Even if you completely trust the person you’re giving your password to, it’s risky to send a password via text message or email in case anyone intercepts it. Even if all you’re doing is reading it out over the phone or spelling it out to the person sat next to you, there could be someone listening in and making notes.

Conclusion: so how do I make all my passwords hacker-proof?

Passwords are like the lock on your apartment door – they’re the one thing criminals have to go through if you’re not home. Having a weak password is like a weak lock. It greatly increases the number of people who have the means to access your accounts.

Whichever course you decide to take, don’t put it off! Data leaks and breaches happen every day, and the next one could have your password in it.

Tips for Generating Strong and Unique Passwords

Why Having A Strong Password Is Important

A strong password is the main barrier keeping most of your online accounts from being hacked. Without up to date practices, you might be using passwords that cyber-frauds can easily guess within hours. Exposing yourself to identity theft and extortion is a risk you should never take. You will need to create passwords that can fight modern password theft methods.

Weaknesses in your account credentials can be a cybercriminal’s dream. But their success is your nightmare, so you’ll need to take steps to avoid being a victim of password hacking.

Password Security Threats

Compromised passwords give cybercriminals an open door into your most personal accounts. So, of course, you’ll want to build a password that hackers are unlikely to discover.

The average user will create passwords to fool human hackers. This used to be a smart way to fight data theft. A criminal would use any information they could find about you and use common patterns in passwords to guess yours. You used to be able to just switch up the characters in your passwords and “Tr1Ck” your way into security. But hackers took notice.

Cybercriminals use sophisticated technology to get your passwords nowadays. This is important since many people try to make passwords hard for people to guess, but do not consider efficient algorithms. Software is designed to account for crafty user behavior as it guesses your passwords.

Here are some methods hackers use to get into your accounts:

Dictionary-based hacks use an automated program to combine dictionary words in common ways. Users make passwords easy to remember, so these hacks try to mimic obvious patterns.

Social media and publicly shared personal info are used to target you personally. Users commonly include names, birthdays, and even favorite sports team names in their passwords. Much of this info can be revealed just by spending a bit of time browsing your social media.

Brute force attacks use an automated program to recreate every possible combination of characters until it finds your password. Unlike dictionary hacks, brute force doesn’t handle long passwords well. However, short passwords can easily be discovered within hours in some cases.

Phishing involves a scammer pressuring you to give the hacker your money or valuable info. They pretend to be credible, usually as a trusted organization or someone you may know. Phishing scammers may call, text, email, or message you on social media. But they can also use fraudulent apps, websites, and social media profiles. If you believe you need protection against phishing attacks, we recommend using Kaspersky Internet Security.

Existing data breaches have exposed many passwords and other sensitive data already. Companies have been getting hacked more frequently, and hackers take all the data to expose it online for a profit. This can be especially threatening if you’ve reused old passwords since outdated accounts are likely to be compromised.

How to Create a Strong Password

To protect yourself against the newest hacking methods, you’ll need powerful passwords. If you’re wondering. «how strong is my password?» here are some tips to help you create a strong password:

Secure Password Examples

Generally, there are two main approaches to making strong passwords:

Passphrases are based on a combination of multiple real words. Uncommon words with character-swapping and random characters mixed in have been used in the past, like “Tr1Ck” for “trick” or “84sk37b4LL” for “basketball”. Algorithm hacks know this method now, so better passphrases are usually a mix of common unrelated words in a nonsensical order. Sometimes, there may be a sentence that has been chopped and swapped with a pattern only the user knows.

A passphrase example might be, “coW!burN#movE?pianOh” (using the words cow, burn, move, and piano.)

Passphrases work because they are:

Random character strings are purely random, using a mix of all character types. These passwords include uppercase, lowercase, symbols, and numbers in a spontaneous order. Since there is no method to how the characters are arranged, guessing is incredibly tricky. Even hacking software can take trillions of years to figure out these passwords.

A random character string example might be, “f2a_+Vm3cV*j” (which might be remembered using the mnemonic, fruit 2 apple _ + VISA music 3 coffee VISA * jack)

Random character strings work because they are:

Strong Password Examples

When creating your password, examples can help you through the process.

Here are some tips on how to create a strong password:

Example 1: IwiCcR!fOdIiNkE?

Why it is considered strong:

How to make it better:

Why it is considered strong:

How to make it better:

Example 3: rageducksimplemoon

Why it is considered strong:

How to make it better:

How to Use and Remember Passwords

With so many unique passwords to keep up with, you’ll need to be careful about how you store them.

To stay safe, don’t do the following:

However, you will want to use the following methods:

Activate two-factor authentication on all your most valuable accounts. This is an additional security check following a successful password entry. It uses methods only you have access to, such as email, text, biometrics (ex: fingerprint, face ID), or a USB security key. 2FA keeps crooks and prying eyes out of your account, even if your password has been stolen.

Update your most essential passwords often. When you decide to update, be sure to take action and change them. It is a hazardous practice to keep your password and only change a few characters. You’ll want to update your passwords in regular timeframes like every month. Even if you don’t update every password, be sure to change them for the following accounts at least:

Ultimately, remember that if your password is convenient for you, it’s probably convenient for hackers too. Complex passwords are the best way for you to protect yourself.

Use a password manager like Kaspersky Password Manager. The main benefits of using a password manager include being encrypted and being accessible anywhere you have internet. Some products have a password generator and password strength checker built in.

Create secure passwords to keep your identity safe

Choosing more secure passwords will help keep your identity safe on the internet. This article will show you how to create secure, easy-to-remember passwords.

Table of Contents

Step 1: Choose a phrase

You can create a more secure password by starting with a simple phrase. For example, let’s use a quote from Ogden Nash: «Happiness is having a scratch for every itch.»

If we use the first letter of each word, and substitute 4 for «for», we get:

Step 2: Add special characters

This is a reasonably strong password but we can improve it a bit by adding some special characters:

Step 3: Associate it with a website

We can use our new password on several different websites by adding a prefix or suffix with a mnemonic link to a particular site. Let’s use the first letter and the next two consonants in the site name.

Just to add a bit more randomness we’ll alternate upper-case and lower case, and if the first character in the site name is a vowel we’ll start with upper-case. To mix things up a bit more we’ll use the same rule to decide whether to add the site mnemonic to the left side or the right side.

#Hihas4ei:AmZ for Amazon
fCb#Hihas4ei: for Facebook
#Hihas4ei:YtB for YouTube
dRm#Hihas4ei: for Drumbeat

This is just one possible rule for picking the prefix or suffix that you use to customize your password for each web site. Reversing the order of the letters in the suffix, using only vowels, only consonants, or adding some other characters that come to mind when you think about the web site are all possible approaches that will improve security.

While this technique lets us reuse the phrase-generated part of the password on a number of different websites, it would still be a bad idea to use it on a site like a bank account which contains high-value information. Sites like that deserve their own password selection phrase.

Try It Yourself!

Take a moment to think of a phrase that’s meaningful to you. Use that phrase to create a secure password that you can customize for each website you visit.

To automatically generate secure passwords, see How to generate a secure password in Firefox.

Mozilla offers this guide as a public service. No approach to security can guarantee 100% security, and nothing in this publication is meant to provide any warranty or guarantee of the security of your passwords.

Some websites may not allow the use of some or all special characters. Please be aware of what special characters are allowed to be used.

Some websites have a limit on the length of the password field. If you enter a password that is too long you may see a message such as: «Please shorten this text to 20 characters or less», and will need to use a shorter password.

These fine people helped write this article:

Volunteer

Grow and share your expertise with others. Answer questions and improve our knowledge base.

Related Articles

Choose a strong password

Firefox Accounts helps you create a strong password when you sign up, so you can protect sensitive information like your bookmarks, login.