How to choose a password that is strong enough

If you want to know how to choose a password, follow those simple rule: Create a long passphrase.

A complex password that is hard to remember is only going to frustrate users into writing them down, completely missing the point of having a strong password.

how to choose a password 1

Do you want to choose a password that would take millennia to crack? Choose something like:


How much time is needed to crack such a password?

how to choose a password 2


On a more technical side, the National Institute of Standards and Technology, has recently published its four-volume Digital Identity Guidelines.

Among other guidelines, the published document explains how to choose a password and what works and doesn’t work anymore in terms of passwords protection:

  1. Complex passwords are not needed. If you want to a good password, choose a pass phrase.
  2. Password Expiration is an old solution to an old problem. There is no need for a password change unless a compromise took place.
  3. Let people use password managers.


Of course, a password is better than no password!

What do you think about these updates?


Mohamad El Hout, MBA, M.Eng., CISSP

Mohamad is an entrepreneur and a Senior Security Consultant dealing with the design and delivery of standard and complex security gateway solutions, covering a wide range of cutting edge technologies. His interests include business, technology, leadership, sports, and the continuous pursuit of knowledge.

%d bloggers like this: