How to create strong passwords and prevent password hacking


It can be a real chore to come up with novel, challenging passwords for online accounts. It can seem impossible to remember all the different combinations of capital and lowercase letters, numbers, and special characters that you frequently need.

Here, we’ll go over some key advice for managing all of your passwords as well as strategies for creating unique, secure passwords for all of your accounts.

1. Avoid using the same password everywhere

It should go without saying, but it still needs to be said. You’d be shocked at how many people use the same password across all of their accounts. While this makes it simple to remember, it also means that if one account is hacked and you use the same email address or username for each account, you’ve essentially been hacked on all of them.

Even though it might be tempting to reuse passwords, it’s important to make sure you have a diverse selection of passwords to make it harder for hackers.

For many people, keeping track of so many passwords is cumbersome, which makes this intimidating. According to Naveed Islam, Chief Information Security Officer at payment service provider Dojo, this results in risky behaviour.

The digital keys for almost everything on the Web, from checking emails to doing your banking online, are passwords. Password usage has increased as a result of the explosion of online services. Password fatigue is a result of having to remember an excessive number of passwords on a daily basis, which is something that many people experience. People use easy-to-remember and predictable password creation techniques to avoid password fatigue by reusing the same password on numerous websites. Attackers take advantage of people’s well-known coping mechanisms and abandon them.

It can be challenging to balance convenience and security, but if you follow a few of the tips below, you can at least reduce the risks.

2. Avoid using information that is simple to deduce.

Using birthdays, pet names, your mother’s maiden name, and – most frequently – a combination of those is a popular method for remembering passwords.

Even though it may seem clever, these are some of the first guesses that anyone who is serious about gaining access to your account will try. Additionally, you frequently get asked questions like these when completing forms or even participating in pointless quizzes on Facebook and other websites. There is a good chance that the information you believe only you have access to is actually available online.

Associating passwords with facts about us isn’t a good idea because the trick with passwords is to make them as random as you can.

3. Avoid using any of these widely used passwords.

Every year, a number of researchers publish a list of the most popular (and frequently cracked) passwords that people use to protect their data. Unfortunately, the same ones do appear quite frequently. According to Dashlane, these are the top ten passwords used in the US in 2022. It is truly unbelievable that people are still choosing these.


  • 123456
  • 123456789
  • 12345678
  • 1234567
  • Password1
  • 12345
  • 1234567890
  • 1234
  • Qwerty123

This list will likely change soon, since many of these subpar attempts no longer work on websites that require special characters, numbers, and other things. The key takeaway is to change your passwords right away if you are using any of these.

4. Avoid themes

As already mentioned, you’ll want to use as neutral a basis for your password as you can, avoiding obvious patterns of letters and numbers or personal information.

The top themes into which the most frequently cracked passwords worldwide fell were listed in a recent report by Dojo. The top 10 are as follows:

  • Terms of endearment or pet names
  • Names
  • Animals
  • Emotions
  • Food
  • Colours
  • Curse words
  • Actions
  • Household members
  • Automobile manufacturers

So, stay away from taking these as your model if you want to come up with better, more secure passwords.

5. Make use of two-factor authentication

Two-factor authentication is now supported by the majority of popular websites and apps when logging in from a new device. You typically have to use a verification app or request a text message with a code for verification.

The idea is that, unlike with a straightforward software hack, the hacker needs physical access to your device in order to access your account. Although it is a minor inconvenience, it is absolutely necessary if you want to guard against passwords that could be weak.

6. Tips for choosing a strong password

The more capital and lowercase letters, punctuation marks (like $%&), and numbers you use, the better. Likewise, begin your password with a number.

You can choose from a number of ideas for memorable passwords, such as the first letters of well-known phrases, song lyrics, or anything else you can recall.

Another strategy is to substitute numbers for letters. Use special characters like @ in place of o or a, as well as 0 in place of o, 1 in place of I, 4 in place of A, and 3 in place of E.

As an illustration, bigbrowndog becomes b1gbr0wnd@g.

That’s not too difficult to type or remember. For an even stronger password, capitalise the first b and the first letter of each word.

Avoid using short passwords as they are easier to crack. Avoid patterns that can be hacked more quickly than random elements, such as combinations like your name, family name, or company initials.

Avoid using nicknames, endearments, brand names, and even your star sign because they can reveal your identity.

Since our memories are trained to remember things through some kind of pattern or association, it can be very difficult for most people to create a password like this. Fortunately, you don’t need to put in all the effort.


8. Use a password manager, please.

Using a password manager is, in our opinion, the best way to handle the growing demand for longer and more complex passwords. A password manager serves as a central location for all of your login information, generates brand-new passwords for your accounts at random, and fills out login forms on websites and apps on your behalf.

The best part is that everything else is handled by the password manager, so you only need to remember one password for the service itself.
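To make the random generation concrete, here is an added example (not code from Dashlane, 1Password or any other product) that checks a password against the advice in sections 3 and 6 and generates a random one that passes. The 12-character minimum and the function names are assumptions; the article only says to avoid short passwords.

```python
import secrets
import string

# The widely used passwords listed in section 3 of this article.
COMMON = {"123456", "123456789", "12345678", "1234567", "Password1",
          "12345", "1234567890", "1234", "Qwerty123"}
MIN_LENGTH = 12  # assumption: the article gives no exact minimum

# Section 6: capital and lowercase letters, numbers, punctuation marks.
CLASSES = {
    "lowercase letter": string.ascii_lowercase,
    "capital letter": string.ascii_uppercase,
    "number": string.digits,
    "punctuation mark": string.punctuation,
}


def check_password(password):
    """Return a list of problems; an empty list means the password passes."""
    problems = []
    if password.lower() in {p.lower() for p in COMMON}:
        problems.append("on the widely used list")
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name}")
    return problems


def generate_password(length=20):
    """Random password drawn with the OS CSPRNG, as a password manager would."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    alphabet = "".join(CLASSES.values())
    while True:
        # Draw every character independently, then retry the whole password
        # if a class is missing, so no position is predictable.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_password(candidate):
            return candidate


if __name__ == "__main__":
    for pw in ("Password1", "b1gbr0wnd@g", generate_password()):
        print(repr(pw), check_password(pw) or "passes")
```

The generator uses `secrets` rather than `random` because `random` is not designed for security-sensitive values.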

Dashlane and 1Password are two of the most well-known services, but you can see our current top pick in our roundup of the best password managers.

You can also allow your web browser or phone to save logins for you.