Log in through the extension

LastPass is best experienced through your browser extension. Install LastPass for Firefox to automatically login to sites as you browse the web.

Install LastPass Close
IDENTITY 101

Password 101 – Password Basics to Keep You Safe

Your digital identity and access begin with your login information, a username, and password. You know to use strong, unique passwords and change them often due to the potential risk of cyber security threats and hacking. You’ve been told repeatedly not to reuse your passwords, not to make them recognizable and therefore less guessable, not to store or save your login information on websites and apps, and not to share them.

Most people don’t follow these guidelines. And security breaches are on the rise.

That means you're more vulnerable: your personal, sensitive information and identities are available to hackers who shouldn’t have access and who are willing and eager to use or sell that information.

You can reduce that risk and your exposure by taking the simple step of improving your passwords.

What is a password?

A password is the second component to your login information that authenticates your identity as a digital user. The combination of a username and password is unique to you and you alone. It provides added security for your information and access, much like a PIN serves as an added layer of protection for your debit card.

As such, your password is valuable and considered part of your digital identity – the key to access the resources you have and use online.

Password best practices

A password is only helpful if it can’t be guessed or accessed by others. As simple as that sounds, it’s a basic tenet that few users follow. There have been countless stories of significant cyber breaches where the password used was Password1234 or Admin1234. Basic, default, easy to remember, often used passwords are typically the first try of anyone attempting to access an account they don’t have the right to see.

The best practices for better, safer passwords are straightforward

Remembering passwords is paramount to a seamless, convenient online experience. Remembering passwords can be tricky, so you may be inclined to reuse one password for several accounts. That ease of access puts you at risk. Is the convenience worth trading your passport number or health information and details for? What about your bank account access?

Use strong passwords

Passwords are a series of characters, numbers, letters, and symbols. Skip using the obvious ones or ones easily associated with you (meaning, easily guessable). Don’t use birthdates or anniversaries, pet names, or recognizable famous words. Strong passwords shouldn’t be easy to remember or imagine.

Change your password frequently

Regularly change your password. The longer you use a password, the more opportunities there are to be hacked. By frequently changing your password, it restarts the process of anyone trying to guess it or hack it. Many companies and services require changing passwords at regular intervals, such as every three to six months, and even block you from reusing previous passwords.

Don’t reuse passwords

We are drawn to consistency, especially when it makes our lives easier. That’s why so many users repeat passwords or have a cycle of several that they use in combination or variation across most sites, apps, and services. Cybercriminals know this, which means they know that they likely can access other accounts if they can access one.

Don’t store your passwords in unencrypted locations

Sites and browsers are always “offering” to store or save your login information. It’s certainly more manageable, especially when using strong, unique passwords across multiple entities, but it increases your vulnerability. Storing all your passwords through a browser puts them at risk because if your account gets hacked, hackers have access to all your passwords by accessing one. Browser features are convenience-based, not security-driven.

No sticky notes, notebooks, or excel files

You try to follow suitable password hygiene protocols, using strong, unique, random characters, but then keep them all on notes on your desk, taped to your monitor, or in an unsecured note file or spreadsheet on your computer. Don’t do that.

Strong passwords

The level of vulnerability you face begins with strong passwords. These are unique for each login instance and don’t have easily identifiable or guessable patterns. While they do not have to be entirely random or unique, there are steps you can take to improve the strength of your passwords while still maintaining your ability to remember them.

What is a strong password
  • Strong passwords exceed the recommended character minimums
  • Strong passwords use phrases, not just words, to make them more memorable, yet less predictable
  • Strong passwords alternate numbers or special characters for letters where applicable
  • Strong passwords have combinations of letters, numbers, special characters in them
  • Strong passwords don’t have your username, your family name, easily associated dates in them
  • Strong passwords are real passwords, not defaults such as Password1234 or Admin1234, or variations of such
  • Strong passwords are unique to you, and should be protected, not shared
Strong password examples

The best, strongest passwords are random combinations of words and letters. You can use password generators to create them for you. But without a password management tool(highly recommended), there are ways to create strong passwords. A quick upgrade to passwords is to use passPHRASES, and intersperse characters and symbols.

Here are some examples of how to turn weak passwords into strong passwords:

  • Weak Password: LastPass123
    Example of a Strong Password: La5tP@55L2E
    Upgrade: Add numbers, symbols that are similar
  • Weak Password: FidoGoodDog
    Example of a Strong Password: MyF1D015thebE$t!
    Upgrade: Use a passphrase with numbers and special characters, alternating capitalizations (even better if you’re not a dog person!)
  • Weak Password: Password123
    Example of a Strong Password: rA3xf0$rCtHc
    Upgrade: Use a password generator
  • Weak Password: 123456
    Example of a Strong Password: Tw31v3_3of0vRtEE5-S!x
    Upgrade: Over 2.5M people were using this as a password last year. Create phrases within the groupings, and replace numbers, letters, symbols.

Learn More

LastPass for Business

Improve security, reduce the risk of data breaches, maintain convenience.

Explore LastPass Business

Request a Demo

See how password management can secure your business.

Request a Demo

LastPass Blog

Get updates, insights, news and tips from the LastPass team blog.

Stay Up to Date

LastPass Resource Center

All you need to improve security in one password management solution.

Go to Resource Center

Get started with LastPass Premium