Here’s How to Create a Strong and Unbreakable Password to Thwart Online Password-Based Attacks

“Make sure you’re using a strong password” is something we often hear whenever we create an account online or have to reset passwords. It’s easy to end up using passwords that cyber-frauds can quickly get their hands on, exposing yourself to attacks like identity theft and extortion.

You might wonder what makes a strong password or worry that your passwords are not strong enough. In this article, we’ll find out.

Weaknesses in account credentials are like an invitation to cybercriminals. Becoming their victim can cost you in many ways, so it’s vital to ensure you use strong passwords that can fight modern password-based attacks.

Let’s find out how to create strong passwords that keep your accounts safe and that no hacker will guess.

The Importance of Having a Strong Password

Having a strong password is essential. It helps defend against unauthorized access to your account and personal information and protects your accounts from hackers and malicious attacks. The more complex your password is, the more security it offers to your account.

Strong Passwords Anatomy – How to Create a Strong Password

Here are a few effective ways to construct strong passwords:

1. Passphrase

Here, users choose multiple-word phrases with a little twist. A few bizarre or uncommon words are used with proper nouns, local business names, words in another language, names of historical figures, or anything you like.

A hacker may find it easy to guess one of the words in the phrase, but it becomes harder with multiple terms:


Though the words should be uncommon and unguessable, they should give you a clear mental image of what they are so that you can easily remember the phrase.

2. Sentence

With this technique, you choose a sentence as your password instead of individual words. You can think of a random sentence and make it your password. For example, using the first two letters from the words in the sentence: “Our family loves going to the beach every weekend since 2005” you can come up with a password like:


Only you will know what this password is all about. And, for the rest of the world, it’s just a random combination of unguessable letters.

3. Include Upper Case And Lower Case Letters, Symbols And Numbers

Pick random numbers, letters in upper and lower case, and special symbols such as $, @, %, *, and create a password by combining them. Or pick words and use upper and lower case letters along with numbers and special symbols. For instance, change “I Love My Dogs” to “!!L0VMyD0G$!!202!”.

4. Avoid Reusing Passwords

Often, after successful large-scale hacks, hackers use compromised and leaked email addresses and passwords to login into other popular sites.

Therefore, it’s essential to avoid reusing passwords – if your email address and password are compromised in a data breach, hackers may try to log in to other sites using those credentials. So if you’re using the same password and email address for other accounts, your other accounts might be attacked as well.

5. Long Passwords

Hackers are becoming increasingly advanced and make use of multiple methods to hack into accounts. The simplest way is to personally target someone and manually type in passwords by making random or educated guesses of letters, symbols, and numbers.

Hackers can also use advanced methods such as a “brute force attack.” In methods like brute force, attackers use computer programs to try every possible combination of numbers, letters, and symbols as fast as possible in an attempt to crack the targeted person’s password.

Therefore, it’s recommended that you make your passwords longer and more complex – at least 8 to 16 characters long. The longer and more complex password is, the harder it is to crack. A password with three to five characters long will probably be very easy to crack.

6. Avoid Passwords That Were Previously Breached

Often, breached credentials are put on the dark web for sale, and other hackers buy databases full of this data.

If you aren’t sure whether any of your passwords have been involved previously in a data breach attack, you can check by using free online tools like If you find a password that has been previously breached, stop using it and avoid reusing the same password.

7. Avoid Silly and Common Passwords

It might sound obvious, but you should never use sequential letters or numbers and never, ever use “password” as your password! Don’t include any personal information like your date of birth or name in your passwords – if you become the target for an attack, the hacker will try their best to work out your password by guessing all the options. If the person knows your name or any other details like your pet’s name or your mother’s date of birth, they’ll try those first.

Some common passwords that everyone should avoid are:

  • 123123
  • 123456
  • 1234567
  • 12345678
  • 123456789
  • password
  • password1
  • qwerty
  • 111111
  • abc1234

8. Avoid Using Personal Information

Avoid using personal information such as your birthplace or date, city of birth, the school you studied, or relatives’ or pet’s names in your passwords. In addition, it’s best not to use any information that is easily guessable or discoverable from any source.

Likewise, when you create an online account and set security questions and answers, go for the options that are impossible to discover through your social media accounts.

Verify That Your Password Is Strong

Once you’ve created a password, you should check its strength using online tools like How Secure Is My Password?

Simply submit the password you created, and the tool will show you how strong the password is.

Wrapping Up

In today’s digital world, where attacks happen daily, having a strong password is a must. Whenever you create an account, you should set a password that is strong enough that no one can crack it.

We’ve shared some useful tips on how to choose a strong password and keep your accounts secure. If you think we’ve missed anything out, or if you have other password tips that could be helpful to our readers, feel free to let us know. Good luck!

Multiple Website Security Layers in One Platform

Get DigiCert Secure Site Pro OV SSL that includes a vulnerability scanner, malware detector, PCI scanners, website backup, multi-domain security, and many more advanced security tools.
DigiCert Secure Site Pro OV SSL