A strong password is designed to be hard for a person or program to guess. It is a measure of the effectiveness of a password against guessing or brute-force attacks. A strong password should have high entropy, which is usually taken to be equivalent to randomness, and not be readily derivable by any "clever" pattern. It should also not be mixed with information identifying the user. The key aspects of a strong password are length (the longer the better), a mix of letters (upper and lower case), numbers, and symbols, no ties to personal information, and no dictionary words. A good password should meet the following requirements:
- An English uppercase character (A-Z)
- An English lowercase character (a-z)
- A number (0-9) and/or symbol (such as !, #, or %)
- Ten or more characters total
Passphrases are also a good option for strong passwords. They are longer and more complex than passwords and are easier to remember but more difficult to guess. A passphrase should be 16 characters or more, and it should use a mix of alphabetical and numeric, a mixture of upper and lowercase, and special characters when creating a unique passphrase. It is important to use a different password for each important account, like email and online banking, to prevent unauthorized access to personal information.
