Top 5 Best and Worst Password Practices


You’d think that creating a password today would be simple, but with hacking on the rise I have noticed that several good password practices are being ignored while poor ones are still in use. Keep reading to see our top 5 best and worst password practices.


I know that sometimes creating passwords can be a pain, but if you implement these practices your information is more likely to stay safe.

  1. Create strong passwords

    A strong password should be at least 8 characters in length, contain both uppercase and lowercase letters, contain numbers, and at least 1 special character.

  2. Replace letters with numbers or symbols

    Hackers have software that can easily crack passwords containing standard dictionary words. Replacing an “e” with a “3” or an “s” with a “$” might make Mr. Webster roll over in his grave, but it will also help keep your information safe.

  3. Use two-factor authentication when possible

    Many websites are now implementing two-factor authentication, which means logging in is a two-step verification process. It might take a little longer, but it makes it more difficult for anyone else to access your accounts.

  4. Test your password strength

    There are several trusted sources that allow you to check your password strength if you aren’t sure it’s strong enough, like this one from Microsoft.

  5. Use a secure password manager

    If you absolutely must store your passwords, make sure you aren’t keeping them in a Word doc saved on your desktop. There are several secure providers, like Keeper Security or LastPass, that will manage your passwords for you and keep them safe.


Just as there are many things you can do to make sure your passwords are most effective, there are also several mistakes you can make that can leave you and your business vulnerable.

  1. Storing passwords in your browser

    It is a very popular practice nowadays to store your passwords in your web browser, but that actually makes it much easier for someone to gain access to your accounts. If your computer is hacked, it’s basically like handing them a piece of paper with all of your account information on it.

  2. Never updating your passwords

    I know, I know, change is difficult, but when it comes to your passwords, it’s best to change it up a bit from time to time. In the event that someone does discover one of your passwords, changing it regularly will ensure that they will not have continued access to that account.

  3. Using the same password for everything

    This kind of goes hand in hand with the one above. I know it’s easier to remember just one password, but if you think about it from the perspective of someone with nefarious motives, then you just made it much easier for them to access several accounts instead of just one.

  4. Sharing your passwords

    I’m not saying don’t trust anyone, but you definitely shouldn’t trust JUST anyone with your passwords. Also, don’t write them down and leave them lying around, and please don’t shout them across a room. You may think no one is listening or snooping around but you never know.

  5. Using anything obvious

    If your password is “Password123” then you better change it quick. Avoid using words like password or user, common numbers, or anything specific to you that people could easily find out, like your birthday. Sometimes a little mystery goes a long way, especially when it comes to your passwords.
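
The composition rule from best practice 1 and the "nothing obvious" advice in the last item above, combined into one check. This is an added example, not part of the original post; the `check_password` name, the word list and the substitution table are assumptions made for illustration. It undoes common letter-for-symbol swaps before looking for obvious words, so a swapped spelling of an obvious word is still flagged.

```python
import re

# Assumption: a tiny constructed blocklist; the post names "password" and "user".
OBVIOUS_WORDS = ("password", "user")

# Assumption: common look-alike swaps, including the post's "3" for "e"
# and "$" for "s". Password-guessing tools try these swaps too.
SWAPS = str.maketrans({"3": "e", "$": "s", "5": "s", "@": "a", "4": "a",
                       "0": "o", "1": "i", "!": "i", "7": "t"})


def check_password(pw, personal=()):
    """Return a list of problems; an empty list means the password passes."""
    problems = []

    # Best practice 1: length and character classes.
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    if not re.search(r"[a-z]", pw):
        problems.append("no lowercase letter")
    if not re.search(r"[A-Z]", pw):
        problems.append("no uppercase letter")
    if not re.search(r"[0-9]", pw):
        problems.append("no number")
    if not re.search(r"[^A-Za-z0-9]", pw):
        problems.append("no special character")

    # Nothing obvious: check the raw text and the text with swaps undone.
    lowered = pw.lower()
    plain = lowered.translate(SWAPS)
    for word in OBVIOUS_WORDS:
        if word in lowered or word in plain:
            problems.append(f"contains obvious word '{word}'")

    # Anything specific to you, such as a birthday (supplied by the caller).
    if any(item and item.lower() in lowered for item in personal):
        problems.append("contains a personal detail")

    return problems


if __name__ == "__main__":
    # Constructed sample passwords; "0412" stands in for a birthday.
    for sample in ("Password123", "P@$$w0rd!23", "Maple#0412Tree", "Tq7#mVz2!kLp"):
        print(sample, "->", check_password(sample, personal=("0412",)) or "ok")
```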