Importance of Password Security

Passwords have become a part of our everyday lives; our phones, online accounts, and computers are protected by passwords to keep information safe. Despite an emphasis placed on strong passwords, many people do not follow safe password standards. This has created a large gap in cybersecurity. Hackers are finding it relatively easy to crack passwords, and as soon as one password is exposed, all your other accounts are at risk. 

In honor of World Password Day, we wanted to give you some helpful tips for creating passwords. Whether you are brushing up on your cybersecurity or figuring out where to begin, here are some common things to do and avoid when creating passwords.

Avoid Common Words and Phrases

One of the most prevalent issues in password creation is using common words and phrases for a password. While this is convenient, it ultimately gives hackers an advantage. Fraudsters can use a software program that can take words from the dictionary and run them against your password, making them easier to expose.

Words and phrases that are most commonly used as passwords (and should be avoided at all costs) include:

  • Password
  • Qwerty
  • Monkey
  • Iloveyou
  • Abcdefg

Don’t Use Personal Information

It can be tempting to use information from your personal or work life to create a password, but it is best practice to stay away from using any identifying information. Because this information can be easily discovered by hackers on social media, hackers can take this information and use it to crack your passwords and security questions.

Never Recycle a Password

Never reuse a password you previously used for a different website or app. It is easy and memorable, but this is often how hackers can get into multiple accounts. Website security is not equal on all websites. The level of security for a magazine order website is typically not as strong as one for a bank. If you use the same password for both, and the magazine company is breached, fraudsters can now access your bank accounts.

It is best to create different passwords for every account you have to help keep your information safe.  

Lengthy Passwords

The best defense against hackers is lengthy passwords.  Fraudsters are able to use software to hack passwords. As their software becomes better, it becomes easier and easier to hack. As the fraudsters get better, the recommendation for password length keeps increasing.

The recommended length for a password is at least 13 characters, so as you are creating new passwords, remember that the more lengthy, the better.

Use a Password Manager and Generator

Many are guilty of storing passwords in a document on your computer or on your phone. While this is convenient, it opens up a door for a hacker to access your other accounts. 

One of the best ways you can help protect your passwords and personal information is to use a password manager. Password managers store all your passwords in a database and encrypts all information you store, so no one else can get to them. Your passwords are protected by one master password only you know, so all you need to remember is one password instead of memorizing hundreds.

Most password managers will also generate secure passwords for you, so that you can easily update and fill in information, without having to take up a lot of time creating a secure password.

You can find good password generator companies by searching in your app store. Look for companies that have a lot of downloads and good ratings.

Utilize Two-Factor Authentication

If an online website or app offers you two-factor authentication, use it! Two-factor authentication is an added layer of security used to protect your online accounts beyond just a username and password.  This tool is a secure way to help  ensure that no one logs into an account without security measures in place.

Determine Which Passwords Have Been Compromised

A lot of people get overwhelmed when it comes time to change their passwords. A good place to start is to determine which passwords are already compromised.

There are websites available to help show you which of your email addresses and passwords have been exposed in a data breach. Google Password Checkup and 'Have I Been Pwned' are great resources, as you can enter in an email address and easily see if your email was involved in a data breach with a particular company. This will give you a good idea as to which passwords you should change immediately.

Here at Blackhawk Bank, we want to make sure that your information is secure and doesn’t end up in the wrong hands. To learn more about information security, check out the National Cybersecurity Alliance at If you are interested in learning more about how Blackhawk Bank can help you, contact us today!


Jessica Hendon, CFSSP
VP Physical & Information Security