How To Create An Unhackable Password (& Remember It)

Photo: Getty Images.
If your birthday, your hometown, the number sequence 1234, or any phrase on this list are part of any of your online passwords, consider this piece a must-read.

In recent years, more than a billion people have been the victim of cyberattacks, through both high-profile breaches of companies such as Target and eBay, and compromised individual accounts. Why do so many of us get hacked?

Basically: The password sucks. There's a good reason Apple, Samsung, and other manufacturers have added fingerprint identification to their phones on top of a passcode.

"It's not hard for attackers to crack a password," says Bob Lord, Yahoo's Chief Information Security Officer. On top of that, we make our own mistakes. "People use the same password from site to site and choose simple passwords," he says.

Fortunately, there are steps you can take to better protect your info. Here's what you need to know to create a stronger, safer password.

The longer, the better.

Most sites will require you create a password that's eight to 12 characters long, and you should always opt for 12, Lord says. Also, be sure to include upper and lower case letters and special characters (go ahead and throw a hashtag in there). Some experts advise against using full words; others go so far as to recommend concocting a random iambic pentameter poem for your password, if you have a lengthy character limit.

If it's on Facebook or Instagram, skip it.

Never create a password using information that's available on the public record, says Jeremiah Grossman, the founder of tech security company WhiteHat Security. This includes anything you've tweeted or posted about on social, from your dog's name to your hometown. Nevertheless, "you still want it to be something memorable," Grossman says. His suggestion? Take a line from your favorite movie, turn it into an acronym, and alter letter cases.

Keep it unique.

Using the same password for multiple sites is definitely tempting (who wants to remember 50 million passwords?), but dangerous. "The bad guys will hack a password for some random account to gain access to things you do care about," Grossman says.

What accounts matter? "The most important password is the one for your email account," says Kevin Haley, the director of the security software company Norton by Symantec.

Unless you have a joint account with your spouse, any password you create is for you and only you. The more you share, the more at risk you are for getting hacked. Scarily enough, Norton research has found that 36% of millennials share passwords.

Use a password manager.

If you're following these guidelines for every app and site you have an account on, you'd have to be an Einstein to remember every password you came up with. That's where a password manager comes in — and it's a must. Options include LastPass, 1Password, and Norton Identity Safe. In addition to creating a strong password for you in the first place, these will store your passwords, and automatically fill them in the next time you log in to your accounts.


Always opt for Two-Factor Identification.

Google, Yahoo, Facebook, and Instagram (among others) all offer two-factor authentication now. To use it, enter your password, and then a code is sent to you via text or email, which you then input before being granted access to your account. You usually don't need to do this every time — only from a new device, or when authentication expires after a few weeks.

This additional authentication is always a smart choice, Lord says, since it's unlikely hackers will have access to both your password information, and have your phone physically in their hand.

Pick the obscure security questions.

Just as you don't want to include public information in your password, you don't want to pick a security question or answer combo that someone could search for, Lord says. Yes, this means your mother's maiden name and the name of the street you grew up on are out. Pick a more obscure question, or better yet, answer a question with the "wrong" response. Choose "What is your favorite place to eat?" and then answer it with the name of your first pet instead, or the name of a made-up restaurant. The trick here is to be consistent, though, otherwise you'll just end up confusing yourself down the line.

This is too much effort.

If you're a lazy girl and all of this is just too much — can't I just do one of these? — go with two-factor authentication. It's your biggest safety bang-for-your-buck. But you do need it on all of your important accounts.

More from Tech

Pokémon Go was this year's biggest app sensation. Within 24 hours of its launch, the game became a mega hit and has since seen users walking billions of ...
For the second time this month, earthlings of the Western Hemisphere will experience a special event involving our moon. Earlier this month, we got our ...
If you want to look up information about your favorite celebrities, your first instinct is probably to google them. But depending on who you're curious ...
GENERATION STARTUP presents Women In Tech, an episode of an exclusive web series with footage left on the cutting room floor. The feature documentary ...
Complaining today is much easier than it used to be. Lost luggage, bad service, extra charges, broken products — you used to have to put a letter in the ...
It's Google's 18th birthday which means it can finally see all the porn it serves up
Tonight marks the first of three presidential debates between candidates Hillary Clinton and Donald Trump. Because of the debate's close proximity to New...
(Paid Content) Refinery29 is now on Versy, a messaging and content-sharing app made for busy people like us
The American Civil Liberties Union (ACLU) developed a phone app that will assist you in recording and reporting police conduct. The app, Mobile Justice, ...
If you aren't registered to vote, don't panic. As a matter of fact, thanks to Snapchat, you can now do it in just one minute, reports Time. The social-...
You may start to notice your Uber drivers snapping a lot of selfies, but it doesn't necessarily mean that you're riding with an Instagram addict. Your ...
Snapchat CEO Evan Spiegel announced that the company has developed new video-enabled sunglasses, called Spectacles, and will subsequently be rebranding ...
You're at 20,000 feet, and you realize your flight doesn’t have WiFi — which wouldn't be a big deal, except you forgot your book at home, and none of your ...
It's a sad but true fact that a bad commute — one where you just miss the bus or subway — has the power to ruin your day. More often than not, these near...