![A string of random characters typically has higher entropy compared to a few common words due to the vast number of possible combinations. For example, a 10-character lowercase password has roughly the same entropy as a 4-word passphrase picked from a 5000-word dictionary [5].](https://passwordclinic.com/wp-content/uploads/2024/06/automation-section-3-150x150.webp "Crafting Unforgettable Passwords: A Guide for Developers")
The best way to make your password as strong as possible is to use as many different characters and make it as random as possible. For example, 123ABCabc!@# uses a lot of characters however they are not at all random. They don’t need to be completely random either. Especially if you want these login credentials to be easier to remember. Complete randomness, after all, would make it hard for you to remember the password. It can also take you longer when you need to copy it and then type it into a new device.
A good compromise, therefore, is to use many words and intersperse those words with uppercase and lowercase letters, numbers or special characters (^$@%!). For example, horsehatT9!trebuchetralph3Htelephone contains five words and a few numbers, capital letters and an exclamation point (bang). Because this password is greater than 20 characters it will take years to guess your password.
Using a password generator can provide stronger login protections.If you are concerned that using words makes it easier for dictionary attacks, don’t worry. A sufficiently long password with several words and added random characters between some of the words can increase the strength of your password. If it is longer than 15 characters it should be safe enough for most websites. For WiFi you want it to be as long as possible, so aim for 63 characters. Being easier to remember can prevent you from constantly resetting forgotten passwords.
Follow these rules & best practices for better online security
- Have long, strong passwords. Use a mixture of numbers, letters, and special characters
- Do not reuse passwords across multiple sites
- Your password should never contain common words, words or dates with meaning to you.
- Store passwords securely – use a password manager. It will do the hard work for you
- Use two-factor authentication – something you have. The second factor defeats password guessing
- If a site you use falls to a data breach, change your password immediately. Make sure you are not re-using that password and email combination on other sites
![A string of random characters typically has higher entropy compared to a few common words due to the vast number of possible combinations. For example, a 10-character lowercase password has roughly the same entropy as a 4-word passphrase picked from a 5000-word dictionary [5].](https://passwordclinic.com/wp-content/uploads/2024/06/automation-section-3.webp)
