The analysis of the password happens in your browser, so no data is sent to any server. Start the analysis by typing your password here.
Passwords protect everything. Your identity, financial data, health records and company secrets, conversations and much more. It is mandatory to use strong and secure passwords, yet what is a strong and secure password and how do I come up with a strong / secure password. Here are a few tips:
A strong password is at least 16 characters longs and preferable includes numbers, special characters, lower and uppercase symbols.
Passwords should be unique and never re-used for multiple websites. You do not want your bank account or email account compromised because you used the same password for a game you tried once. Use an enterprise password manager like Psono to store and manage all these passwords.
There is certain information an attacker can easily guess and as such you should avoid names of pets, family members, or friends.
A second factor like Google Authenticator, Authy, Yubikey will help to protect your accounts even if your password ever gets compromised.
Do not use zip codes, house and phone numbers, birthdays and sequences from your ID or social security number to improve your password. This type of data provides no additional security.
Avoid keyboard patterns like QWERTY, 123456, and simple modifications to dictionary words like p4$$word! ... Secure passwords are random and look like qs^?#jD3Ym}8rB&D or }+Eph6/.q(7t*TjZ
Regular software updates are key to protect your systems from malware like keyloggers and Trojans. Many bugs are fixed for weeks before attackers are exploiting them.
Any password mechanism, that cannot be easily changed yet cloned, like your iris or fingerprint, should only be used as a second factor and avoided.
You should only log in on computers that you trust. An attacker might have installed malware on your friends' or family members' computer.
Untrusted Wi-Fi hotspots and free VPN services are a common way for attackers to steal your passwords.
Only use secure protocols like HTTPS, SFTP and FTPS, so check which protocol you use before you enter any sensitive information.
Configure auto lock for your devices. A good time would be 30 seconds or less and create a habit of locking your device when you leave it, even just for a short period of time.
You should not use a password that has been part of a previous data breach. You can haveibeenpwned.com to test your passwords.
Never tell anyone your password. Always create separate accounts if possible. Keep in mind that administrators and support staff has other means to access your account and as such will never ask you for your password.
Need help to follow these tips?
Works on any Mac with the right browser.
Works on any Windows with the right browser.
Works on any Linux with the right browser.