Although most of the guidelines mentioned below are quite obvious, but still we fail to implement them because either we're just not concerned or we want to save time while creating an account.Let's quickly go through these password creation steps to ensure our accounts remain safe from unauthorized access. It's important for professionals and freelancers who manage business accounts.
1. Avoid creating common passwords - Interestingly, large number of web surfers use the most common passwords for their sensitive accounts. The first and most important step is to understand the need for a strong password.
Unless you don't realize the damage that can be inflicted in the event of account hacking, you cannot persuade yourself to create a strong password. So, make sure you're not creating simple and easy-to-guess passwords.
2. Use at least 8 characters - The shorter your password is, the easier it is to crack! A good password should be at least 8 characters long and can be as long as 14 to 15 characters. Making longer than that is not recommended as it may create problems in remembering and entering it every time you log in.
In fact, every good application or service not only recommend and prompts the user about the password length but also makes sure that the minimum length requirement is fulfilled.
3. Mix numbers, special characters, and letter cases - Generally, passwords are case sensitive. Liberally mix uppercase and lowercase letters intermixed with digits and special characters (e.g. @ $ % &). This greatly increases the complexity of the password and makes it harder to crack.
You should include at least one special character and one digit in your password. Including equal proportions of all the character categories will make the password—extremely strong.
4. Do not back up your passwords online - Sometimes, users create good passwords but store all of them within their cloud storage account. This is a disastrous step that puts all your passwords at risk in the event of account hack.
Either memorize them or scribble them on a paper and keep it with you. The latter option is the best one because relying on memory alone can prove fatal if you forget one or more of them.
5. Change passwords every 3 to 6 months - You should apply this rule to sensitive and important accounts which can cost you money. It's a good practice to change the passwords every 3 to 6 months.
In case, someone is sniffing or continuously trying to hack your account, this can make his work more difficult and can strengthen the security of your account. Never repeat an older one as your new password. In other words, always keep your new password—distinct and unique.
6. Do not share passwords even with trusted contacts - No matter how strong your passwords are, if they're somehow leaked to a second person, you cannot guarantee the safety of your accounts.
Therefore, I'll strongly suggest you resist sharing of passwords to even the most trusted contacts. If it's absolutely necessary, create a separate account for them with low privileges.