![A string of random characters typically has higher entropy compared to a few common words due to the vast number of possible combinations. For example, a 10-character lowercase password has roughly the same entropy as a 4-word passphrase picked from a 5000-word dictionary [5].](https://passwordclinic.com/wp-content/uploads/2024/06/automation-section-3-150x150.webp "Crafting Unforgettable Passwords: A Guide for Developers")
Do you need to create a secure password that is easy to remember? The password needs to be strong enough that it cannot be easily guessed. But you also want it to be memorable enough that you can recall it when you need to log in on a new device. If you are creating a password or passphrase for your WiFi router, using words instead of a string of random characters can make it easier to enter the password on smart devices, tablets and smartphones. Think about what a hacker could do with your WiFi password. Keep that password secure.
Doesn’t a word list make it easier for dictionary attackers?
If you are concerned that using words makes it easier for dictionary attacks, don’t worry. A sufficiently long password is difficult for dictionary attackers. Using several words and added random characters between some of the words can increase the strength of your password. If it is longer than 15 characters it should be safe enough for most websites. For WiFi you want it to be as long as possible, so aim for 62 tp 64 characters. Never use a WiFi passphrase shorter than 20 characters.
Your password should never contain really common words, words or dates that have meaning to you, or anything that could help hackers figure out your password or increase the odds that a brute force which attempts random character and word combinations might get lucky and recreate your exact password. If your password is greater than 13 or 14 characters, it should take years for even the fastest computers to combine enough random characters together enough times to repeat your password.
Common mistakes and misconceptions
- Replacing letters with numbers and special characters will thwart dictionary attacks. This common technique is well known to hackers. Swapping an “E” for a “3” or a “o” for a “0” makes passwords less safe
- Meeting the minimum length or character requirements makes it stronger. Anything less than a 12-character password won’t make you very secure. Especially when hackers can generate millions of 8 and 10 character combinations in seconds
- You can safely use the same password for many accounts and website logins as long as it’s a strong password. If one website is hacked and your password is stolen the password thieves can attempt to log into other common banking and social media sites, or your email accounts.
According to the 2017 Verizon Data Breach Report, 81% of breaches are caused by weak or reused passwords. So you can’t afford to have generic or repetitive passwords for your online accounts. You need to up your password security. And according to The Psychology of the Password report by LastPass and Lab43, even though people know it’s risky, about 55% still reuse passwords. And 38% of people keep passwords in a file on their computer or mobile device – or even write them on paper.
The state of password security — Lastpass.com
This is why you should always create secure passwords. If you fail to keep a password safe or if hackers can figure one out, all of your account data can be compromised and you may never realize it. The value of a secure password is priceless.
![A string of random characters typically has higher entropy compared to a few common words due to the vast number of possible combinations. For example, a 10-character lowercase password has roughly the same entropy as a 4-word passphrase picked from a 5000-word dictionary [5].](https://passwordclinic.com/wp-content/uploads/2024/06/automation-section-3.webp)
