Tips for Strong Passwords How to generate secure passwords?

Whenever possible use the Password Depot generator to create a secure password. Choose the maximum number of characters permitted as well as all allowed types of character to attain maximum security. Passwords should be as long and complex as possible. Don’t worry, you won’t have to remember them, because Password Depot saves them all for you. However, here are some hints, if you should ever have the need to manually generate a secure password.

Hints on creating secure passwords

Following are some useful hints which will help you to generate a secure password:

Many characters. Use as many characters as possible, because every additional character increases security. Use at least 8 – 10 characters – but preferably as many as the system allows.
Different characters. Don’t repeat characters not even a sequence of them – no matter the type of character (letters, numbers, punctuation, symbols).
Different types of characters. Use letters (lower and upper case) as well as numbers, punctuation and symbols. Ideally, you will use all allowed types of characters.
No character sequences. Avoid a pattern of certain letters, numbers or keyboard sequences.
Do not replace a letter with a similar character. Replacing a letter with a similar number or special character does not mislead a good hacker. So substituting the letter "o” with the number "0” or "I” with "1” or "a” with "@” (e.g. "P@ssword”) is only of little use. Better replace an "I” with a special character like "$”.
No personal data – no matter if it’s names or numbers. Do not use the name of relatives, acquaintances or nicknames.  Also don’t use personal numbers such as your telephone number or license plate.
No personal preferences. Personal preferences are as easy to guess as private numbers or names. So don’t choose your personal favorite dish/sport/city/TV show, etc. 
No dictionary listings. A word that you can find in a dictionary is not secure. No matter how long it is or the kind of dictionary, because hacker programs can systematically go through all dictionary entries.
Change. Change your password routinely – even more often, if the protected content is very sensitive or if the password is rather short. A rough guideline: passwords with less than 8 characters should be changed weekly. Passwords with 8-10 characters should be changed monthly and those with 12 or more characters should be renewed once every half year.
Variation. Use a different password for each account. Never use the same – or similar – password for more than one account.

In Summary

  • A password should consist of the maximum number of characters permitted by each account.
  • It should contain all types of characters which the account allows including numbers, punctuation and symbols. Also upper and lower cases should be mixed in.
  • It is NOT a secure password if you can find it in a dictionary – no matter the length! Programs used to decipher passwords work with dictionaries and systematically go through their entries.
  • Do not use names of family members or pets. Also don’t use your phone number or license plate number or any other personal data that can be easily related to you.
  • Never use simple keyboard sequences such as "asdf” or "09876”.

IMPORTANT: Change your passwords routinely. The more sensitive the data, the more often you should change the password. Let Password Depot remind you automatically by filling in the "valid until” box.

How to create a Master-Password in Password Depot:

In keeping with the previous hints, the following advice applies to creating a secure Master-Password for Password Depot:

  • Built a secure Master-Password by using the first letter of each word of a sentence that is easy to remember. "I use secure passwords from Password Depot for 10 years now.” Translates into the password "IuspfPDf10yn”. To make this password even more secure, you may replace the letter "f” with the special character "#”, resulting in "lusp#PD#10yn”.
  • Another method is to mix numbers and words: "P2a9s1s0w2o0r0d1” as a combination of "Password” and "29.10.2001”. The date used should not be a well-known birthday. Here as well you may increase security by replacing numbers with special characters, e.g. "1” with "^” which results in "P2a9s^s0w2o0r0d^”.