How to create a secure password that hackers won’t be able to crack

It can take less than six hours to crack 90% of passwords, leaving your online identity and personal data in general easy targets for hackers.

Gone are the good old days of picking passwords like ‘pass’ or your dog’s name followed by ‘123’ without a second thought.

In 2024, you’ll be hard pressed to find a platform that doesn’t require eight characters, a mix of upper and lower case, and at least one special character as a minimum – fido123 won’t be enough.

With these seemingly endless terms, it’s no surprise that people choose something like ‘Password123*’ at every available opportunity.

Making a password complex can certainly give you a headache, but it will also keep you much safer from criminals.

James Millin-Ashmore of Independent Advisor VPN said: “Passwords are a common target for hackers, with nearly 1,000 attempts to crack account passwords every second.”

“Despite this fact, many people are not doing the basics to help protect their accounts. Making sure passwords are strong should be a top priority for every internet user, especially since these sites can contain valuable information.”

So, with strong online security becoming more and more essential to protecting your data and the tools available to hackers becoming more sophisticated, it pays to know how to create a strong password and be a step ahead of those who try to violate them.

By following a few steps, you can ensure that you and your information are protected online and that hackers will waste more of their time failing to break into your accounts.

Don’t make it easy for hackers

A hacker will try every possible combination until they find the correct sequence when trying to crack a password.

In this case, the more characters there are in your password, the harder it will be to crack. Independent Advisor VPN recommends aiming for at least 12 characters to keep your data secure.

There are also basic passwords to avoid. These are the ones that will be cracked by a hacker in seconds.

It’s best to avoid common combinations like ‘1234’ and ‘abcd’, as well as keystrokes like ‘qwerty’, as these are often the first passwords a hacker will check.

Independent Advisor VPN reports that ‘123456’ is the most common password and is almost certainly a hacker’s first choice, as is ‘password’.

Password: Make it as unique as possible, or try a phrase

The key is to make your passwords as unique as possible. By taking advantage of the character types available to you, you can create a password that combines upper and lower case letters, numbers, and special characters.

Sure, ‘)xF&bE6g*Lk’ might not be as catchy or memorable as ‘password123’, but it will also take significantly more effort for a hacker to figure out.

“Ideal passwords are long, contain a mix of character types, do not contain personal or shared information and are unique to each site,” Simon McNally, cyber security expert at Thales, told This is Money.

“Sticking to a password that uses a passphrase is easier to remember without compromising security.”

Catchphrases are exactly what they sound like. Instead of using a single word, you can develop a longer phrase that has the advantage of being harder to crack and much more memorable to the user.

These phrases can also be made by replacing the words in the phrase with letters, and using acronyms will make this phrase even more secure.

Independent Advisor VPN explains that “I want to make a strong password to secure my data” could become: “Iwtmasptsmd” (ss: the initial letters of the phrase in English, I want to make a strong password to secure my details), a seemingly random collection of letters.

Avoid reusing passwords for multiple platforms

Reusing a password for more than one platform essentially opens the door to a hacker who has compromised an account, giving them access to every platform you’ve used the same password for.

At this point the emphasis is on uniqueness. If you are hacked, the hacker is unlikely to be able to carry out multiple attacks.

McNally stated, “Have you ever used the same key for multiple locks? It’s a dangerous endeavour, because if one lock is broken, all the doors open wide.”

“The same rule applies to passwords. Passwords should be different everywhere you use them. Reusing passwords is not a good idea because if you use the same password for all your online accounts and just one is compromised, all the other accounts are compromised.”

“We’ve seen in recent years vendors like Apple introduce password reuse alerts to prevent the ‘one key to unlock all’ threat.”

Store your passwords securely

Unless you’re superhuman, remembering all those unique, random passwords for countless platforms and accounts is nearly impossible.

You could go old school by writing down your passwords by hand. This of course works and your passwords would generally be protected if you kept them in your home safe.

Instead, the threat here comes from the real world, as putting access information to all your data in one place could put you at significant risk in the event of theft.

Alternatively, choose an online password manager.

Although it may feel like it’s more dangerous than putting pen to paper, encrypted password managers actually provide more protection for your information.

Using two-factor authentication will also add another layer of protection to your passwords.

“If you want to keep your password safe, don’t leave it out there for others to see. If you have trouble remembering all your passwords, a password manager can help you break the bad habit of reusing passwords,” said McNally.

“A password manager helps create and recover complex passwords, store those passwords in an encrypted password vault, or even create secure and complex passwords for you.”

There are many products on the market, including free options like NordPass and Bitwarden, or paid services like Dashlane and LastPass.