Recommendations for Passwords in Today’s Cybercrime Environment

We read all the time about having a “strong password,” but what does this really mean? Simply put, it means creating passwords with at least 12 characters that contain a combination of letters (upper and lower case), numbers, and special characters. The challenge, of course, becomes: How do I remember all of these different passwords? The answer is simple:

Everyone should have a system for generating strong, unique passwords.

Before we discuss our recommended system, it is equally important to know that having only one password that you use everywhere is simply not a safe practice. Here is the advice we give our clients:

  • Start by separating your work passwords from your personal passwords. Never use the same password across these two groups.
  • Within your personal passwords, use different passwords for your financial accounts, your social media accounts (e.g. Facebook, LinkedIn), and your other personal accounts.

Let’s get back to a system that you can adapt and use for creating your own unique, strong passwords. First, come up with your own special code phrase. Make sure it includes at least one upper-case (capital) letter, one number and one special symbol (such as ! or #). A useful trick for making your code phrase easy to remember is to pick a topic or activity that you have a personal interest in. Then substitute numbers or characters for letters.

  • For example, you have decided to use your favorite basketball team, the Golden State Warriors, winning 73 games, as your code phrase:
  • Substitute the letter S with the number 5 (because 5 looks like an S, it is easy to remember).
  • Do a similar thing by substituting a zero (0) for the O (a 0 looks like an o).
  • Now substitute the number 3 for the letter E.
  • And finally, substitute the letter a with the character @.
  • So now you have this…


Yes, this is a complicated password (which is the goal), but easy for you to remember. Now, pick other interests and take the same approach so you have a different password for work, financial, social media, and personal accounts.
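
The system above as an added Python example (not code from this article): it applies the listed substitutions to constructed sample phrases, checks each result against the 12-character and character-mix rules, and flags any password reused across the work, financial, social and personal groups. The sample phrases, the function names and the case handling of the substitutions are assumptions of this example.

```python
import string

# Substitutions from the list above. Applying them to both cases of
# S, O and E but only to lowercase "a" is an assumption of this example.
SUBSTITUTIONS = str.maketrans({"S": "5", "s": "5", "O": "0", "o": "0",
                               "E": "3", "e": "3", "a": "@"})

def apply_system(phrase):
    """Turn a memorable phrase into a password using the substitutions."""
    return phrase.translate(SUBSTITUTIONS)

def weaknesses(password):
    """Return the strong-password rules from this article that are not met."""
    missing = []
    if len(password) < 12:
        missing.append("fewer than 12 characters")
    if not any(c.isupper() for c in password):
        missing.append("no upper-case letter")
    if not any(c.islower() for c in password):
        missing.append("no lower-case letter")
    if not any(c.isdigit() for c in password):
        missing.append("no number")
    if not any(c in string.punctuation for c in password):
        missing.append("no special symbol")
    return missing

def reused_across_groups(groups):
    """Map each password found in more than one group to those groups."""
    seen = {}
    for group, passwords in groups.items():
        for pw in set(passwords):
            seen.setdefault(pw, []).append(group)
    return {pw: sorted(g) for pw, g in seen.items() if len(g) > 1}

# Constructed sample phrases (not from the article), one list per group.
PHRASES = {
    "work": ["TrailHike14Miles!"],
    "financial": ["Chess#Club1987Open"],
    "social": ["TrailHike14Miles!"],   # reused on purpose
    "personal": ["jazz4ever"],         # too short and has no capital letter
}
GROUPS = {g: [apply_system(p) for p in ps] for g, ps in PHRASES.items()}

if __name__ == "__main__":
    for group, passwords in GROUPS.items():
        for pw in passwords:
            print(group, pw, weaknesses(pw) or "meets the rules")
    print("reused:", reused_across_groups(GROUPS))
```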