Longer is stronger
Safe passwords have more than 12 characters (the more the merrier).
Don't give it up
Don’t share your passwords with other people or provide it in emails, phone calls or on suspicious websites.
Keep them guessing
Leave out personal information (e.g kids’/pets’ names) and words that could easily be guessed (e.g password)
Use a string of words that's easy for you to remember but hard for someone else to guess.
Do not recycle
Avoid using the same password on multiple online accounts.
Keep it fresh
Passwords don't get better with age. If you're worried yours is at risk - make a new one!
What makes a strong password?
Passwords, once considered the ultimate safeguard, are becoming less effective due to an emphasis on complexity. Complex passwords made it difficult for us to remember, and the logic easier for hackers and bots to crack. Despite this challenge strong passwords remain important. But what does strong mean?
The best way to secure your accounts is to use a passphrase. Using a passphrase requires less effort from you to remember, and more time and effort from hackers.
A passphrase is typically a password using 4 or more words totalling 14 characters or more.
Safer options are to use things that are not recorded, logged or traceable, like memories, slang words from childhood, lines from a song playing during your first kiss. It's your creative password licence.
- 'They will never get my recipe.'
- 'Only MC Hammer can touch this!'
- 'Moments with you in Whitsundays',
- 'Store bought coffee is not my cup of tea',
- 'It's like rain on your wedding day',
- 'It's the good advice that you just didn't take'.
By following this good advice, you'll create a strong passphrase and might have fun doing it.
Passphrases are not fool proof. It is not safe to use your birth year, the names of family members, the names of your furry companions, or references to well known passions or hobbies in your password. Remember that hackers feed bots as much of your personal information as they can in an effort to crack your password.
- Professional footballers' password: Soccer85
- Your son's surfing inspired password: Grommy2008
- Your password last year: Dashie05 (Dashie your furry friend)
- Your password this year: Dashie 06 (Dashie features 8 times in social media posts).
The information and features provided on this page serve as general awareness and education resources. We have made every effort to create a reliable tool. However, please be aware that no application or piece of software can ensure absolute security. Consult with security experts for professional advice, as needed, where appropriate.
The Password Strength Tester aims to promote improved password practices and increase awareness regarding the risks associated with using guessable, weak, or exposed passwords. ID Support NSW does not guarantee password protection, assume liability for errors, commit to updating the results, or provide a warranty for the Password Strength Tester. By using the content and tools on this page, users acknowledge and release the creators and operators of the Password Strength Tester from any associated risks. Users are advised not to copy or disclose any information without obtaining written consent from ID Support NSW.
Acknowledgements: The data source for the leaked passwords is sourced from Troy Hunts Pwned Passwords API (https://haveibeenpwned.com).