(UPDATED 5/2021)

By Megan Renart

You’ve probably seen this phrase a bunch over the past few years: “Your password must contain one letter, one number, one symbol, a never-ending math equation and your DNA.”

Creating (and remembering) passwords is becoming quite the mind-bending feat. Add that to the fact that cyberhacks are an increasing threat, with major companies experiencing data breaches, and you’ve got a little challenge on your hands. Not to worry — read on to find out how to protect your identity and assets online, safely and easily.

The key to creating a strong password

Most people possess multitudes… of passwords, that is. There’s one for their bank account, another for the work laptop, another for social media, another for paying bills online and on and on and on. Keeping track of them all can drive you nuts — especially when you’re prompted to come up with newer, stronger passwords every few months.

The key to more secure passwords — and more memorable ones — is to focus on length rather than complexity. Push out your password past 12 to 15 characters whenever possible to outsmart cybercriminals who use automated programs to cycle through passwords. The longer the password, the harder it will be for them to crack the code.

A password longer than 15 characters? You’re crazy! you must be thinking. But make it easy by using a line from a favorite song or a quote from a movie. You can create a sentence about your family that will make you smile every time you use it.

“Attackers have automated programs that combine dictionary words until they find the right pattern,” says Michael Slaugh, USAA executive director of financial crimes prevention. Slaugh suggests mixing in a number or a punctuation mark. “The key is to put it in a nonobvious place,” he says. “A period at the end of a sentence? Probably not a good idea. But a period between the first and second words is much better.”

Four More Sanity-Saving Tips for Passwords That Are Hard to Hack

• Don’t count on special characters to save you. You can throw a few hash marks or an exclamation point onto the end of a short password, but it’s still a short password, and that makes it easy to crack. Bottom line: A short but complex password isn’t as safe as a long one.

• There’s safety in variety.  Don’t use the same password for all your accounts unless you want that jerk who broke into your Facebook  to have access to your bank account, too.

• Set up a password safe.  Free software programs such as Password Safe (Windows only) let users store all their passwords inside a single encrypted site protected by a master security code.

• Two factors are better than one.  For an extra layer of protection, use two-factor authentication if it’s available, which requires a code in addition to a password to access your accounts. A mobile app like VIP Access or Google Authenticator generates a unique code every 30 seconds. You have to enter the code when you log in to an account, so even if a crook has your password, he can’t access your account without the code.

Serious about cybersecurity? Check out more ways to create secure passwords and logons.

Mike Slaugh is the executive director of the Member Authentication team within Enterprise Financial Crimes Management at USAA, where he helps members strengthen security and manage risk online. Mike holds a bachelor’s degree in computer science, a master’s degree in information technology and is a Certified Information Systems Security Professional. He enjoys sharing his passion for helping people protect themselves from cyberthreats and online fraud.

Safety guidelines are not intended to be all inclusive, but are provided for your consideration. Please use your own judgment to determine what safety features/procedures should be used in each unique situation.

248794 - 0521