Tips for creating secure passwords

Passwords are often a weak point in computer security, as they depend on human fallibility. Because users have to remember many passwords, they tend to make two main mistakes:

  • Using short passwords that are easy to remember or to guess
  • Reusing the same passwords for several different services

A password should be long enough that it cannot be found quickly by "brute force", where a program tries all possible combinations of numbers and letters: below 6 characters, a few seconds or minutes are sufficient. Use a minimum of 10 characters combining upper and lower case letters, numbers and special symbols (&%*+-).

Tip: you can create a long, yet easy-to-remember password by combining two words and adding numbers. Examples: article-knees-8435, picture-speaker-57 (18 characters each; these passwords are considered secure despite the absence of capital letters).
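The effect of length on the brute-force search described above can be worked through in a few lines. This is an added example, not part of the original page: the guess rate is an assumed, illustrative figure, the short sample passwords are constructed, and the model covers only exhaustive search over characters, not guessing from word lists.

```python
import string

# Assumption: guesses per second for the attacker; illustrative, not from the page.
GUESSES_PER_SECOND = 10_000_000_000

# The four character classes the page recommends combining.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def alphabet_size(password):
    """Total size of the character classes the password draws from."""
    unknown = [c for c in password if not any(c in cls for cls in CLASSES)]
    if unknown:
        raise ValueError(f"characters outside the four classes: {unknown!r}")
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in password))


def worst_case_seconds(password, rate=GUESSES_PER_SECOND):
    """Time to try every string of this length over the password's alphabet."""
    if not password:
        raise ValueError("empty password")
    return alphabet_size(password) ** len(password) / rate


def humanize(seconds):
    """Render a duration with the largest unit that fits."""
    for unit, size in (("years", 31_536_000), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.2f} seconds"


if __name__ == "__main__":
    # Constructed samples of 5, 6 and 10 characters, then the page's two examples.
    for pw in ("k9$Qz", "k9$Qz!", "k9$Qz!w2Lp",
               "article-knees-8435", "picture-speaker-57"):
        print(f"{pw:<20} alphabet={alphabet_size(pw):>2} length={len(pw):>2} "
              f"worst case={humanize(worst_case_seconds(pw))}")
```

Each extra character multiplies the search by the alphabet size, which is why the jump from 6 to 10 characters moves the worst case from about a minute to well over a century at the assumed rate.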

Various websites (including https://bitwarden.com/password-strength/) provide information on the strength of a password.

A separate password should be used for each website and service. In the event of a data leak, a hacker will try to reuse the same password on other sites and could easily access the accounts of a careless user.

A password is personal and should never (with rare exceptions) be shared with a third party. A password should never be written on a Post-It note stuck on the screen or sent by e-mail, SMS, chat or other means leaving traces.
