Texas Tech University

Secure Passwords

Internet criminals also know that most people use the same password for multiple accounts. If they figure out the password to your personal email account, and you use that same password for your bank account or another account with sensitive information, then they now have the ability to breach multiple accounts – and they will! It is in your best interest to create unique and complex passwords for personal accounts – even if it takes more on your part to remember them.

Suggestions for creating strong passwords:

  • Consider starting with a sentence or phrase that is meaningful to you, but not a common sentence or phrase
  • Remove the spaces between the words in the sentence
  • Convert the words into “shorthand” and/or intentionally misspell a word, e.g. HM for home
  • Add length and complexity with numbers and symbols that are meaningful to you; and
  • Use at least nine characters with a mix of uppercase/lowercase numbers, letters, and special characters (!,@,#, etc.)

Additional best practices for passwords:

  • Create unique and complex passwords for each of your accounts. If an identity thief obtains one of your passwords, they will likely try on multiple accounts
  • Avoid using personal information – such as nicknames, pet names, favorite color, hobbies, or birth date - as standalone passwords or password reminder questions. This information could easily be discovered on social media sites. Consider using false answers to password reminder questions that only you would know
  • Avoid using words found in the dictionary, popular slang, or acronyms when creating passwords
  • Change your passwords on a regular basis, for example every 90 days
  • Consider using a password manager, a utility that securely stores all your passwords. Therefore, you only have to remember the password to the password manager