Three Steps to Creating Strong Passwords

Content From: HIV.govPublished: January 31, 20192 min read


Graphic showing computer screen and the word "Security"

It's important to update your passwords on a regular basis to prevent unauthorized access to your online accounts and to safeguard your valuable personal information, both at home and at work. Many of us know this because, frankly, we hear it all the time.

But how many of us do actually update our passwords on a regular basis? Here's an easy annual reminder — the start of the new year. Make changing your passwords one of your new year's resolutions.

New passwords should be both strong and memorable, but hard for others to guess. Passwords should:

  • Use special characters (e.g., *&%$@)
  • NOT contain sequential and repetitive characters (e.g., 12345 or aaaaaa)
  • NOT contain context-specific words (e.g., the name of the site, etc.)
  • NOT be obvious/commonly used passwords (e.g., p@ssw0rd, etc.)
  • NOT be old passwords that you know were potentially/actually breached in the past

Here is a simple three-step system for creating unique passwords for each category of online accounts.

Pick a phrase that is easy to remember — find a memorable phrase from a book, movie, song, television show, or comic book — anything you're not likely to forget.

Use a formula to convert the phrase to a strong password — take the first letter of each word in the phrase and apply your formula to make sure there are at least two capital letters, two letters converted into numbers ("o" could be "0", "s" could be "5", or "x" could be "10" if you like Roman numerals), and two letters converted into special characters ("I" could be "!", "a" could be "@", "v" could be "^").

Store a hint to the original phrase so you will only need to apply the formula if you forget the password — select a clue word or short phrase that's just enough to remind you of the phrase.

All of us in the HIV community are committed to protecting and securing our programs and data; that's why we must commit to using solid password management. Take a few minutes now to update your passwords and remind your family and co-workers to do the same.

Would you like to stay up-to-date on all of our blog posts about digital tools and social media? Sign up for our email updates so you'll never miss a post!