9 Essential Rules for Password Safety

Reading time: 5 min

Updated on November 24, 2022

Passwords are the Achilles Heel of some of the biggest digital security systems in the world. Having user logins and passwords stolen are an all-too-common crime that allows criminals and hackers walk right through the front door and begin pilfering your personal or your company’s files, data, and financial information.

PC

In 2014, one JPMorgan employee had his login credentials stolen by a hacker. The result was 83 million individuals and small businesses having their personal information compromised. So how do you keep your passwords safe, sacred, and out of the hands of people who would use them to do you wrong?

Here are 9 essential rules for password safety to help keep your system secure.

#1  Take your password seriously

A 2014 survey by BetterBuys revealed that a good hacker with the right software could crack a six-letter password such as “beagle” in 0.29 milliseconds. If you add in your beagle’s birth year and make that password “beagle2006”, the hacker’s time to crack it jumps up to a little more than 10 years. Put a random character in front of the whole thing (#beagle2006) and the time to break it becomes 289,000 years.

#2  Never write your passwords down

Really, NEVER. Passwords should exist in your head. Writing them down gives thieves a precise copy of every website that is important to you and how to access it as well. That’s like having a robber open the front door to find you’ve drawn a map of your home showing them where all the valuable items are kept. If you simply must write them down, write them on a sheet of paper filled with other numbers, letters, and symbols so the average person could not tell which was which.

#3  Avoid easy keyboard combinations

Sure, everyone knows to avoid “abc” and “123” but plenty of people think “asdf” or “qwerty” are so much safer. Those are among some of the first combinations a hacker will try. Do yourself a favorite and think a little higher thinking before you set your password in stone.

#4  Never enter your password on a computer you don’t control

It might be convenient to check your email at the library or the copy store, but you have no idea who has put what malicious program in that system.

#5  Don’t share an account with anyone who isn’t family (for home use) or a coworker (for professional use)

You might think you’re best friends forever, but if a relationship goes south, you can never can tell what another person is going to do with access to your personal information.

#6  Change your passwords every 3-12 months

Some companies are smart enough to install software that forces you to change your password every 90 days. That’s a smart practice for two reasons; it lessens the likelihood of a password getting stolen; and if your password has been compromised, it lowers the number of days a hacker can use it maliciously before it’s changed again. Change all your passwords yearly at least. When you upgrade to a new phone, tablet, laptop, or desktop, you don’t want that piece of technology’s next owner to be able to snoop through your accounts.

Image of change your password notes

#7  Make sure all of your important accounts have different passwords

Imagine a hacker swiping the login and password for your Mastercard. Ten minutes later, they use the same combo to access your Discover Card; then American Express; then your bank account. Using the same password for all your accounts is very convenient and thus, very tempting. But you’re setting yourself up for a doomsday scenario where all of your accounts are compromised at once, and it becomes that much more difficult to lock access and restore them.

#8  Don’t scrimp on your security software

When it’s your personal security at stake, does $50-$75 a year really seem so bad? Make sure you’ve got that software running all the time. Check the list of services to make sure your choice is resilient against malware and keyloggers.

#9  Never enter passwords when you’re using public WiFi

Anytime you’re not at work or your own house, never enter your passwords or visit any personal websites using the free public WiFi. If you have to do this, make sure to use a VPN to guarantee your safety. VPNs encrypt your data through a remote server before sending it on to the Internet and do the same thing over when the websites you visit send information.

The best VPNs

1ExpressVPN

ExpressVPN

One of the best VPNs for security purposes include ExpressVPN, which has split tunneling and a kill switch, along with a no-logs policy and its own DNS on all servers.

Try Now Risk Free

Editor’s Note: Transparency is one of our core values at WizCase, so you should know we are in the same ownership group as ExpressVPN. However, this does not affect our review process, as we adhere to a strict testing methodology.

2Private VPN


Private VPN is the pride of Sweden and has remarkable 2048-bit encryption, P2P functionality, port forwarding, and a strict no-logs policy.

Get it Now

3NordVPN

NordVPN

NordVPN has AES 256-bit encryptions, 24/7 customer support, and additional security tools like CyberSec.

Get it Now

We review vendors based on rigorous testing and research, and also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more

Wizcase was established in 2018 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, Intego and Private Internet Access which may be ranked and reviewed on this website. The reviews published on Wizcase are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

John Bennet
Written By John Bennet
John Bennet is an experienced data and communications engineer and cross-platform copy and content writer and editor with a keen interest in cybersecurity. He has been working with and researching, VPNs and other online privacy tools for many years.
Did you like this article? Rate it!
I hated it I don't really like it It was ok Pretty good! Loved it!

We're thrilled you enjoyed our work!

As a valued reader, would you mind giving us a shoutout on Trustpilot? It's quick and means the world to us. Thank you for being amazing!

Rate us on Trustpilot
4.40 Voted by 3 users
Title
Comment
Thanks for your feedback
Loader
Please wait 5 minutes before posting another comment.
Comment sent for approval.

Leave a Comment

Loader
Loader Show more...