Edit This Page


Get started

Learn about how to create strong and secure passwords

Learn how to

Password basics

Protecting your information

Passwords are often the first and only barrier between your information and anyone who might want to read, use, or destroy it without your mission

Passwords are important

Passwords are important for both online security and privacy. Bad passwords can easily nullify most of your other efforts.

How passwords work

In general, when you want to protect something - whether a house or an email account - you lock it up with a key. All keys, physical and electronic, have one thing in common: they open their locks just as effectively in the hands of somebody else.

Use strong passwords

You can use the most advanced security tools, but if your password is week, or if you allow it to fall into the wrong hands, they will not do you any good.

Choosing a strong password

Use a password manager

A password should be difficult for a computer program to guess, difficult for others to figure out, and should be chosen so as to minimise damage if someone does learn it. We recommend you use a Password Manager like KeePassX to keep track of your passwords.

Make it long:

The longer a password is, the longer it takes to guess it. Use more than ten characters or ideally a long phrase or sentence. Short passwords of any kind, even totally random ones, are not strong enough for use with encryption today.

Make it complex:

Strong passwords are long and include a combination of lower and uppercase letters, numbers and special characters; their strength increases with length and complexity.

Don't make it personal:

Don't choose a word or phrase based on information such as you name, telephone number, child's name, pet's name, birth date, or anything else that a person could easily learn by doing a little research about you.

Keep it secret:

Don't share your password with anybody unless absolutely necessary! If you must share a password with a family member or colleague, you should change it to a temporary password first, share that one, then change it back when they are done using it.

Keep it unique:

Don’t use the same password across devices or for multiple accounts. Otherwise anyone who learns that password will be able to access all accounts with the same password

Keep it fresh:

It's important to change your passwords regularly, regardless of how strong of a password you have. We recommend you change your password at least once every three months.

Make it memorable:

Password patterns can allow you to use very different but related phrases for all of your accounts, basing one off of the other. For example, if you use your mother’s birthday, you could use your dad’s, brother’s, grandmother’s or dog’s for other accounts.

Risks of password patterns

Repeating patterns will make your passwords easy to remember, though it can put you at risk if an adversary gains access to multiple passwords and recognizes the patterns.

Use a new pattern

Of course, any pattern model becomes ineffective as soon as it is written or suggested anywhere online (so never use the one we just suggested).

Test your password strength

How secure if your password?

To test your password, you can play around with the “How secure is my password?” tool. This site will calculate how quickly a desktop PC could crack your password. “Hello12,” for example, would take about 19 seconds.

Choose a new password

But caution: after you enter your password into this public site, it might not be a bad idea to change it. And if you really believe that you are up against advanced adversaries, keep in mind that they’ll have much more computing power than a normal desktop PC.

Two-factor authentication

What is it?

Take advantage of online services that offer two-factor authentication. These programs require not only a password, but also, say, a code sent to you in a text message.

Input your code

You input the code to verify that you are indeed the person trying to access the account. Google, Twitter and Dropbox were the first to offer this procedure. However now, the practice is widespread in common service providers.


What is gitbook used for?

To read books To book hotel named git To write and publish beautiful books GitBook.com lets you write, publish and manage your books online as a service.

Is it quiz?

Yes No


  • en/topics/understand-3-opsec/0-getting-started/1-1-intro.md: Digital security basics
  • en/topics/understand-2-security/0-getting-started/1-1-intro.md: Understand security basics -

See also: