How to create a password that’s safe from hackers in 2024

It can take less than six hours to hack 90 percent of passwords, leaving your online identity, personal data, and bank accounts far from the reach of any self-respecting hacker.

Gone are the happy days of choosing passwords like “pass” or your dog’s name followed by “123” without a worry.

In 2024, you’d be hard-pressed to find a platform that doesn’t require eight characters, a mix of uppercase and lowercase letters, and at least one special character at a minimum: fido123 simply isn’t enough.

With these seemingly endless stipulations, it’s no surprise that people choose something like ‘Password123*’ at every available opportunity.

Creating a complex password can certainly give you a headache, but it will also keep you much safer from criminals.

James Millin-Ashmore of Independent Advisor VPN said: ‘Passwords are a common target for hackers, with almost 1,000 attempts to hack account passwords every second.

‘Despite this, many people are not doing the basics to help protect their accounts.

“Making sure your passwords are secure should be the top priority for any Internet user, especially since these sites can contain valuable information.”

So, with strong online security becoming more essential to protect your data and the tools at hackers’ disposal becoming more sophisticated, it pays to know how to set a strong password and stay one step ahead of those trying to compromise her.

By following certain steps, you can ensure that you and your information are protected online and that hackers waste more time if they can’t break through.

Don’t make it easy for hackers

A hacker typically uses brute force when trying to crack a password, meaning they will try every possible combination until they find the correct sequence.

This being the case, the more characters your password has, the more difficult it will be to hack it. Independent Advisor VPN recommends using at least 12 characters to keep your data secure.

There are also key passwords that should be avoided.

These are the ones that a hacker can decrypt in a matter of seconds.

It’s best to stay away from common combinations like ‘1234’ and ‘abcd’, as well as keys like ‘qwerty’, as these are often the first passwords a hacker will check.

Independent Advisor VPN says that ‘123456’ is the most common password and is almost certainly the first port of call for a hacker, in close competition with ‘password’.

Make it as unique as possible or try a passphrase

The key is to make your passwords as unique as possible. Using the available character types, you can create a password that combines upper and lower case letters, numbers, and special characters.

Sure, ‘)xF&bE6g*Lk’ may not be as catchy or memorable as ‘password123’, but it will also require considerably more effort for a hacker to solve.

“Ideal passwords are long, comprise a combination of character types, lack personal or common information and are unique to each site,” Simon McNally, cybersecurity expert at Thales, told This is Money.

“Sticking with a password that uses a passphrase is easier to remember without compromising security.”

Passphrases are exactly what they sound like. Instead of using a single word, you can implement a longer phrase that has the advantage of being harder to decipher with brute force and much more memorable to the user.

These phrases can also be constructed by substituting letters for the words in the phrase and using acronyms will make this phrase even more secure.

Independent Advisor VPN explains that “I want to create a strong password to protect my data” could become: “Iwtmasptsmd”, a seemingly random collection of letters.

Avoid reusing passwords for multiple platforms

Reusing a password for more than one platform basically opens the door to a hacker who has compromised an account, giving them access to all platforms for which they have used the same password.

This is where the emphasis on uniqueness comes into play. If you are hacked, it is unlikely that the hacker will be able to carry out multiple attacks.

McNally said: ‘Have you ever used the same key for multiple locks? It is a risky task because if a lock is picked, all the doors open wide.

‘The same rule applies to your passwords. Passwords should be different everywhere you use them.

‘Reusing your password is not a good idea because if you use the same password for all your online accounts and only one is compromised, all your other accounts will be compromised.

“We’ve seen in recent years vendors like Apple introduce password reuse notifications to avoid the ‘one key to open everything’ threat.”

Store your passwords securely

Unless you’re superhuman, remembering all these unique, random passwords for countless platforms and accounts is nearly impossible.

You could go old school and write down your passwords by hand. This works, of course, and your passwords will generally be protected if they are kept in the safety of your home.

Instead, the threat here comes from the real world, as placing the access information to all your data in one place could expose you to considerable risk in the event of theft.

Alternatively, opt for an online password manager.

While it may seem riskier than putting pen to paper, encrypted password managers actually provide more protection for your information.

Using two-factor authentication will also add another layer of protection to your passwords.

‘If you want to keep your password secure, don’t leave it out for others to see. “If you have trouble remembering all your passwords, a password manager can help you break the bad habit of reusing them,” McNally said.

“A password manager helps you generate and recover complex passwords, store those passwords in an encrypted password vault, or even create strong, complex passwords for yourself.”

There are multiple products on the market, including free options like NordPass and Bitwarden, or paid services like Dashlane and LastPass.