Wait! If you think your password is okay, then it probably isn’t. That’s even if you have followed advice on how to choose a good password. I’ve worked in IT since for over 20 years so I should know all about security, but I’ve been a victim of malware and credit card fraud. I’ve had my Facebook account and my website hacked, I’ve also had sophisticated scam emails that nearly fooled me though I’d like to think I’m pretty good at spotting them.
You need a secure password, and you need it for your social media accounts, email account, financial accounts, and your website. They need to be unique for all your important accounts. Moreover, it is essential that you change them regularly. (Perhaps every six months).
So what is a good password? Is g00dpw123 okay? According to howsecureismypassword.net, it would only take 42 minutes for a brute force attack to crack it. Okay, is #3L1P98^ better? It’s worse, that would take 19 minutes.
A good password should be very long (20+ characters) and easy to remember. One way is to use a password manager like 1password or to use three unrelated words and spaces.
e.g. ‘lavender bathtub cabbage’ would take four sextillion years (but don’t use that one because its visible on this website and hackers could add it to their dictionary.)
It’s a good idea to change your password regularly because of data breaches, e.g., according to monitor.firefox.com hackers stole my passwords from Daily Motion, MySpace and Last.fm, (and that is just the known ones).
See How to Create a Strong Password (and Remember It) for more details.
Be careful online!