Nearly everything is online nowadays - talking to friends, accessing documents or media, whatever it is, there’s a high chance you do this online.
Since everything is online, everyone tends to have a bunch of accounts for the services they use. These require passwords - and this post aims to teach you how to keep yourself safe.
What Are Passwords, Anyway?
Good question, even if you didn’t ask! Passwords are as simple as you might imagine - they’re just a piece of text you use to authenticate yourself. Without passwords, anyone can claim they’re “terryfromaccounting@gmail.com” - even if they’re not.
Needless to say, passwords are important. If someone else knows your password, they can easily identify as you, even if they’re not. The best way to prevent this? I’ll show you.
Password Requirements
This guide follows the NIST 2026 Password Guidelines. While you can read the entire document yourself (and if you have the technical knowledge, you should!), this is meant to be an overt simplification of that document.
So what’s laid out in the guidelines anyway? The very basic answer to that is: throw everything you know about passwords out the window.
- No more “needs 1 special character, number, capital letter, etc” requirements - everyone just goes along the lines of [Capital Letter][rest of password][Number][Special Character] anyway. It’s predictable, and that’s the opposite of what we want.
Instead, the guidelines prioritize length over complexity - a password can have special characters, capital letters, numbers, but if it has like 5-6 characters? It’s useless (and I’ll explain why, just later on). Instead, the only requirement for a password:
- Minimum of 8 characters.
That’s all! Somewhat. Saying that a minimum of 8 characters is the only requirement is misleading. Rather, that’s only if you have other means of authenticating yourself (MFA!). If a password is your only means of authentication, then the minimum should be 15 characters instead.
“I can’t remember 15 characters though!” is what any reasonable person would say, and I don’t blame you! I’ll go into the password format for memorable passwords.
Password Format
I’ll be honest here: memorizing your password of “sXj.cnQ&2s$SDx10X!n.82xA1k!” isn’t worth it. Instead, you should follow this nice simple format:
- [random word]-[random word]-[random word]-[random word]
It’s very simple, but I emphasize the word random. This is because the point of this password format is for it to be completely random and unrelated while still being memorable.
Examples (both good and bad) include:
- “verifier-furnace-projector-ladybug” (good! all random.)
- “shirt-pants-socks-shoes” (bad. they’re related!)
- “backpack-firetruck-34-koala-vernacular” (good! also all random.)
- “tom-2-jerry-cat-mouse-12” (bad. they’re related as well!)
Additionally: Avoid fictional characters or people you know. It makes it easier for attackers to guess your password!
Even Better Way to Manage Passwords
While the above format is good, it has its problems (on the human side). The real way to handle your passwords? Leave it to a password manager! Throw away saving passwords through your browser or writing them down. Use a password manager instead:
- it generates long passwords and makes sure they’re 100% random that you don’t have to memorize.
It’s great thing to do - but, you can’t use the password manager to generate the password to your password manager - so, for that, you should absolutely use the above format. That’s the one password you should remember.
Aside from that, there are some things to take into consideration:
- Don’t reuse passwords, especially if they’ve been leaked.
- Don’t relate yourself to your password.
- Don’t relate anyone you know to your password.
- Just never tell anyone it.
If you follow all of this, you should be fine!
What’s the Point?
“What’s the point in all this anyway?” is a perfectly valid question - but, most of it boils down to preventing data breaches from being as critical as they can be.
It’s important to protect yourself online just as much as in-person; use proper password guidelines!!