How do I make a strong password?
Are you using one of the ten most commonly used passwords? And do you fail to change your password every six months? In this article, we give you a few simple tips to create strong passwords.
Are you using one of the ten most commonly used passwords? Then it is essential that you change it as soon as possible. Especially if you use the password for multiple accounts.
- 123456
- 123456789
- qwerty
- password
- 12345
- qwerty123
- 1q2w3e
- 12345678
- 111111
- 1234567890
Tips for making a strong password
The longer the password, the stronger
Use a hard-to-guess Tilburg University-password
It is important to choose a password which is hard to guess.
The Tilburg University-password you choose, should meet a number of criteria, before it is accepted. Those criteria are:
- It must contain at least 8 characters and 16 characters at the most.
- It must consist of alphanumeric characters only (a-z, A-Z, 0-9), special characters are allowed ~ ! @ # $ % ^ & * ( ) - = _ + [ ] { } | ; ' : \ " , . \ / < > ?
- It must contain at least one digit, one uppercase character and one lowercase character.
- It may not be simple/systematic (e.g. not 123abcABC).
- It may not contain your username, last name and administration number.
- Dutch and English words may not to be used.
Choose a passphrase
Use a saying, a line from a song, or a sentence that you can easily remember. Use the first letter of every word as your password. Capitalize some letters and add a sprinkle of symbols.
For a good password, you need to be more creative than just using your birth date or a logical series of numbers: you will have to dream up a ‘passphrase’, for instance, a line from your favorite song, a book, or a movie. For safety sake, do something special, for example, replace letters by numbers. The longer the password, the harder it will be to guess or hack. Eight characters is really too short. It may seem like a lot of hassle but you'll be used to your new, strong password in no time, and it is so much safer than ‘password’ or ‘qwerty’. Because, as you have read above, these too are in the top 10.
Unique password
Use a unique password for each account. Cybercriminals often try stolen passwords for many different internet services. The website hosting your account can be hacked. If criminals have only one of your passwords, they do not immediately have access to all your accounts.
Wherever possible, use multi-factor authentication
This means that, in addition to your password, another means of identification is necessary to log on, for instance, a text message or an app on your smartphone that generates a code, such as Google Authenticator.
Change your passwords at least every six months
If someone has found or guessed your password, that person will not as a rule send you an e-mail to tell you so. In other words: you will be unaware that your password was captured by a hacker or is out in the open following a data breach. Periodically changing your password(s) is the smart thing to do, preferably at least every six months. Then you can be sure that people who may have gotten hold of an old password of yours cannot access your online banking data or Instagram account.
Use a password manager
Using different passwords for different accounts in the form of a sentence, with numbers and preferably also with a few symbols thrown in, poses its own problems. How do you remember and keep track of all those passwords?
Using a password manager is a good solution. A password vault is a kind of digital safety deposit box where all your passwords for various websites are safely stored. Such an application can also create and store complicated passwords. The only thing you need to remember is one master password. It may cost you a little time to get used to, but you will greatly increase the security of your passwords.
Keeper
Tilburg University has a campus license for the use of Keeper. Keeper is a password manager in which you can store your login credentials to online websites and services safely. In addition, Keeper can help you with creating unique passwords.
You can find more information about Keeper, for example how to install and how to use the application, on the Self Service Portal.
Read more about what you can do to work in a safer way
Do you want to check how strong your password is?
Did you know that?
- 3 in 5 people in the Netherlands use the same password for multiple online services.
- Almost 2 in 5 people in the Netherlands use a total of one to four passwords on the internet (way too few!).
- Yet, 50% of the people in the Netherlands worry about being hacked.
- Only 7% use password generator software such as a password vault.
- 56% of the people in the Netherlands is not familiar with password generator software.
- 70% of the people in the Netherlands indicate that it is impossible to create a separate password for every online service.
- 80% of improper access comes from password misuse, this is prevented by multi-factor authenification (MFA).