Passwords provide the first line of defense against unauthorized access to your computer. The stronger your password, the more protected your computer will be from hackers and malicious software. You should make sure you have strong passwords for all accounts on your computer. If you’re using a corporate network, your network administrator might require you to use a strong password.
What makes a password strong (or weak)?
A strong password:
- Is at least eight characters long.
- Does not contain your user name, real name, or company name.
- Does not contain a complete word.
- Is significantly different from previous passwords.
- Contains characters from each of the following four categories:
Character category
|
Examples
|
---|---|
Uppercase letters |
A, B, C |
Lowercase letters |
a, b, c |
Numbers |
0, 1, 2, 3, 4, 5, 6, 7, 8, 9 |
Symbols found on the keyboard (all keyboard characters not defined as letters or numerals) and spaces |
` ~ ! @ # $ % ^ & * ( ) _ – + = { } [ ] \ | : ; ” ‘ < > , . ? / |
A password might meet all the criteria above and still be a weak password. For example, Hello2U! meets all the criteria for a strong password listed above, but is still weak because it contains a complete word. H3ll0 2 U! is a stronger alternative because it replaces some of the letters in the complete word with numbers and also includes spaces.
Help yourself remember your strong password by following these tips:
- Create an acronym from an easy-to-remember piece of information. For example, pick a phrase that is meaningful to you, such as My son’s birthday is 12 December, 2004. Using that phrase as your guide, you might use Msbi12/Dec,4 for your password.
- Substitute numbers, symbols, and misspellings for letters or words in an easy-to-remember phrase. For example, My son’s birthday is 12 December, 2004 could become Mi$un’s Brthd8iz 12124 (it’s OK to use spaces in your password).
- Relate your password to a favorite hobby or sport. For example, I love to play badminton could become ILuv2PlayB@dm1nt()n.
If you feel you must write down your password in order to remember it, make sure you don’t label it as your password, and keep it in a safe place.
(Comment from UA: A better solution is to use a password manager tool such as Lastpass to keep your passwords for you. You only need to remember one strong password (make sure it is a good one as it is the “keys to the kingdom”) and then use Lastpass to generate super strong ones for all your other needs and remember them for you. 2 Factor authentication is always a good idea when it is available.)
Creating stronger passwords using ASCII characters
You can also create passwords that use extended ASCII characters. Using extended ASCII characters helps make your password more secure by increasing the number of characters you can choose from to create a strong password. Before using extended ASCII characters in your password, make sure that passwords containing them are compatible with the programs that are used by you or your organization. Be especially cautious about using extended ASCII characters in passwords if your organization uses several different operating systems or versions of Windows.
You can find extended ASCII characters in Character Map. Some extended ASCII characters should not be used in passwords. Do not use a character if a keystroke is not defined for it in the lower-right corner of the Character Map dialog box. For more information, see Using special characters (Character Map): frequently asked questions.
Windows passwords can be much longer than the eight characters recommended above. In fact, you can make a password up to 127 characters long. However, if you are on a network that also has computers running Windows 95 or Windows 98, consider using a password that is no longer than 14 characters. If your password is longer than 14 characters, you might not be able to log on to your network from computers running those operating systems.