Some
of
the
strongest
passwords
you
can
use
are
the
ones
you
don’t
have
to
remember.
Strange
as
that
may
sound,
it’s
true,
if
you
use
a
password
manager.
A
password
manager
creates
and
securely
stores
strong,
unique
passwords
for
each
of
your
accounts—and
does
all
the
remembering
for
you.
And
remembering
is
the
root
of
the
problem
when
it
comes
to
insecure
passwords.
Consider
how
many
passwords
you
have
across
all
your
accounts.
Then
consider
the
old
passwords
for
accounts
and
online
forums
you
no
longer
use,
along
with
all
the
times
you
created
a
password
for
an
online
store
that
you
only
shopped
at
once
or
twice.
All
those
passwords,
it’s
too
much
to
keep
track
of,
let
alone
manage.
And
that
leads
to
insecure
passwords.
Simple
passwords.
Or
passwords
that
get
used
again
and
again
across
several
accounts.
Hackers
count
on
that.
They
love
it
when
people
use
simple
passwords,
reuse
passwords,
grab
passwords
out
of
the
dictionary,
or
base
their
passwords
on
their
pet
names
that
a
hacker
can
easily
glean
from
a
victim’s
social
media
posts.
They
also
love
“brute
force”
tools
that
help
them
break
into
accounts
by
quickly
feeding
account
logins
with
thousands
of
potential
passwords
in
minutes.
So
when
you
make
your
life
easier
with
simple
or
reused
passwords,
you
make
life
easier
for
hackers
too.
That’s
where
a
password
manager
comes
in.
It
makes
life
easy
for
you
to
stay
secure
while
still
making
it
tough
on
hackers—particularly
tough
with
strong,
unique
passwords
for
each
of
your
accounts
that
can
you
update
on
a
regular
basis,
which
offers
some
of
the
strongest
protection
you
have
against
hackers
hijacking
your
accounts.
The
difference
between
a
good
and
bad
password
First
up,
let’s
look
at
password
practices
in
general
while
keeping
a
few
things
in
mind.
Hackers
will
look
for
the
quickest
payday.
In
some
cases
they’ll
work
with
a
long
list
of
accounts
that
they’re
trying
to
break
into.
If
a
password
on
that
list
proves
difficult
to
crack
they’ll
move
on
to
the
next
in
the
hope
that
it’ll
have
a
poor
password
that
they
can
easily
crack.
It’s
a
sort
of
hacker
economics.
There’s
often
little
incentive
for
them
to
spend
extra
time
on
a
strong
password
when
there
are
plenty
of
weak
ones
in
the
mix.
So
what
do
poor
passwords
look
like?
Here
are
a
few
examples:
-
Obvious
passwords: Password-cracking
programs
start
by
entering
a
list
of
common
(and
arguably
lazy)
passwords.
These
may
include
the
simple
“password”
or
“1234567”.
Others
include
common
keyboard
paths
like
“qwerty.”
Even
longer
keyboard
paths
like
“qwertyuiop”
are
well
known
to
hackers
and
their
tools
as
well. -
Repeated
passwords: You
may
think
you
have
such
an
unbreakable
password
that
you
want
to
use
it
for
all
your
accounts.
However,
this
means
that
if
hackers
compromise
one
of
your
accounts,
all
your
other
accounts
are
vulnerable.
This
is
a
favorite
tactic
of
hackers.
They’ll
target
less
secure
accounts
and
services
and
then
attempt
to
re-use
those
credentials
on
more
secure
services
like
online
bank
and
credit
card
companies. -
Personal
information
passwords: Passwords
that
include
your
birthday,
dog’s
name,
or
nickname
leave
you
open
to
attack.
While
they’re
easy
for
you
to
remember,
they’re
also
easy
for
a
hacker
to
discover—such
as
with
a
quick
trip
to
your
social
media
profile,
particularly
if
it
is
not
set
to
private.
On
the
flip
side,
here’s
what
a
strong
password
looks
like:
-
Long: Without
getting
into
the
math
of
it,
a
longer
password
is
potentially
a
stronger
password.
When
you
select
from
the
entire
available
keyboard
of
numbers,
letters,
and
symbols,
a
password
that
is
12
characters
long
is
far,
far
more
difficult
to
crack
than
one
with
only
five
or
even
seven
characters.
And
while
no
password
is
entirely
uncrackable,
taking
that
number
up
to
16
characters
pushes
your
password
into
a
highly
secure
category
provided
it
doesn’t
rely
on
common
words
or
phrases. -
Complex: To
increase
the
security
of
your
password,
it
should
have
a
combination
of
uppercase
letters,
lowercase
letters,
symbols,
and
numbers.
Hacking
algorithms
look
for
word
and
number
patterns.
By
mixing
the
types
of
characters,
you
will
break
the
pattern
and
keep
your
accounts
safe. -
Unique:
Every
one
of
your
accounts
should
have
its
own
password.
This
is
particularly
true
for
sensitive
accounts
such
as
your
financial
institutions,
social
media
accounts,
and
any
work-related
accounts. -
Updated:
While
you
may
have
an
undeniably
strong
password
in
place,
it’s
no
longer
secure
if
it
gets
stolen,
such
as
in
a
data
breach.
In
this
case,
updating
your
passwords
every
several
months
provides
extra
protection.
This
way,
if
a
hacker
steals
one
of
your
passwords
in
a
breach,
it
may
be
out
of
date
by
the
time
they
try
to
use
it
because
you
updated
it. -
Backed
by
Multi-Factor
Authentication
(MFA):
MFA
offers
another
layer
of
protection
by
adding
another
factor
into
the
login
process,
such
as
something
you
own
like
your
phone.
MFA
has
become
a
staple
in
many
login
processes
for
banks,
payment
apps,
and
even
video
game
accounts
when
they
send
you
a
text
or
make
a
call
to
your
phone
with
a
security
code
that’s
needed
to
complete
the
login
process.
So
while
a
hacker
may
have
your
password,
they’d
still
be
locked
out
of
your
account
because
they
don’t
that
security
code
because
it’s
on
your
phone.
Creating
strong
passwords
on
your
own
Long,
complex,
unique,
and
updated,
all
described
as
above—how
do
you
manage
all
that
without
creating
a
string
of
gobbledygook
that
you’ll
never
remember?
You
can
do
so
with
a
passphrase.
A
phrase
will
give
you
those
12
or
more
characters
mentioned
above,
and
with
a
couple
extra
steps,
can
turn
into
something
quite
unique
and
complex.
Here’s
a
three-step
example:
-
Pick
a
phrase
that
is
memorable
for
you: It
should
not
be
a
phrase
you
commonly
use
on
social
media
accounts.
If
you
are
an
avid
runner,
you
might
choose
a
phrase
like,
“Running
26.2
Rocks!” -
Replace
letters
with
numbers
and
symbols: Remove
the
spaces.
Then,
you
can
put
symbols
and
numbers
in
the
place
of
some
ofthe
letters.
Runn1ng26.2R0ck$! -
Include
a
mix
of
letter
cases: Finally,
you
want
both
lower
and
uppercase
letters
that
are
not
in
a
clear
pattern.
Algorithms
know
how
to
look
for
common
capitalization
patterns
like
camelCase
or
PascalCase.
Runn1NG26.2R0cK$!
Now
you
have
a
password
that
you
can
remember
with
a
little
practice,
one
that
still
challenges
the
tools
that
hackers
use
for
cracking
passwords.
Creating
strong
passwords
with
a
password
manager
When
you
consider
the
number
of
accounts
you
need
to
protect,
creating
strong,
unique
passwords
for
each
of
your
accounts
can
get
time
consuming.
Further,
updating
them
regularly
can
get
more
time
consuming
still.
That’s
where
a
password
manager
comes
in.
A
password
manager
does
the
work
of
creating
strong,
unique
passwords
for
your
accounts.
These
will
take
the
form
of
a
string
of
random
numbers,
letters,
and
characters.
They
will
not
be
memorable,
but
the
manager
does
the
memorizing
for
you.
You
only
need
to
remember
a
single
password
to
access
the
tools
of
your
manager.
A
strong
password
manager
also
stores
your
passwords
securely.
Ours
protects
your
passwords
by
scrambling
them
with
AES-256,
one
of
the
strongest
encryption
algorithms
available.
Only
you
can
decrypt
and
access
your
information
with
the
factors
you
choose.
Additionally,
our
password
manager
uses
MFA—you’ll
be
verified
by
at
least
two
factors
before
being
signed
in.
Protecting
your
passwords
Whether
it’s
the
passwords
you’ve
created
or
the
master
password
for
your
password
manager,
consider
making
an
offline
list
of
them.
This
will
protect
access
to
your
accounts
if
you
ever
forget
them.
Be
sure
to
store
this
list
in
a
safe,
offline
place—recognizing
that
you
want
to
protect
it
from
physical
theft.
A
locking
file
cabinet
is
one
option
and
a
small
fireproof
safe
yet
more
secure.
A
password
manager
is
just
part
of
your
password
security
solution.
For
example,
you’ll
also
want
to
use
comprehensive
online
protection
software
to
prevent
you
from
following
links
in
phishing
attacks
designed
to
steal
your
account
login
information.
The
same
goes
for
malicious
links
that
can
pop
up
in
search.
Online
protection
software
can
steer
you
clear
of
those
too.
In
some
cases,
bad
actors
out
there
will
simply
shop
on
the
dark
web
for
username
and
password
combos
that
were
stolen
from
data
breaches.
An
identity
monitoring
service
such
as
our
own
can
alert
you
if
your
information
ends
up
there.
It
can
monitor
the
dark
web
for
your
personal
info,
including
email,
government
IDs,
credit
card
and
bank
account
info,
and
more.
Ours
provides
early
alerts
and
guidance
for
the
next
steps
to
take
if
your
data
is
found
on
the
dark
web,
an
average
of
10
months
ahead
of
similar
services.
The
best
password
manager
makes
your
time
online
more
secure—and
simpler
too.
A
password
manager
takes
the
pain
out
of
passwords.
It
creates
strong,
unique
passwords
for
every
account
you
have.
That
includes
banking,
social
media,
credit
cards,
online
shopping,
financial
services,
or
what
have
you.
The
entire
lot
of
it.
And
remember,
remembering
is
the
thing
with
passwords.
Hackers
hope
you’ll
get
lazy
with
your
passwords
by
creating
simple
ones,
reusing
others,
or
some
combination
of
the
two
because
that
makes
it
easier
to
remember
them.
That’s
the
beauty
of
a
password
manager.
It
does
the
remembering
for
you,
so
you
simply
go
on
your
way
as
you
go
online.
Safely.