How to Set a Secure Password

Create a password that is hard to guess or steal. Avoid using words or phrases that are particularly significant to you—such as birthdays or family members' names. These are the types of information that others can easily uncover after some digging.

• Additionally, do not use default passwords as they can be easily compromised. Examples of default passwords include password, password123, 1234, admin, and guest. These passwords can often be found on the Internet.

Do not share your password. You risk having your information stolen if you allow others to use your online accounts.

Ensure your password is sufficiently long. Passwords should be at least 8 to 10 characters long, and longer passwords offer even greater security. However, some websites or applications may impose limits on password length.

Use a mix of uppercase and lowercase letters in your password. Avoid placing uppercase letters consecutively, and the same goes for lowercase letters. Mixing them up makes the password harder to guess. Examples include passwords like "LaLoTuTu_" or "NhaOCaoBaQuat#1500".

Incorporate spaces into your password. Many password systems do not allow this, but if the system permits it, adding spaces can enhance security. Alternatively, one or two underscores "_" can serve a similar purpose.

Use similar but distinct passwords for multiple accounts. You can use a common base word to make your passwords easier to remember while still keeping them secure. For example, "LaLoTuTu_" could be modified to "con toi LamLongTuyetTung", and "NhaOCaoBaQuat#1500" could become "1500*nha dau tien cua toi o Cao Ba Quat".

Record your password and store it in a secure location. Choose a spot far from your computer (and prying eyes), but ensure you can easily access it. If you forget your password, you can retrieve it without much hassle.

• When recording your password, consider encrypting it using a specific pattern to make it harder for others to guess. For example, ri7%Gi6_ll could be written as 2tk9&Ik8_nn (the encryption rule here is +2 for each character). This means each character is shifted by two letters or more from the original password.

Use a sentence or phrase as the foundation for your password. This is a crucial step in creating a complex, hard-to-guess yet easy-to-remember password. Remember, the password should meet a certain length requirement (at least 8 to 10 characters) and include a variety of character types (uppercase and lowercase letters, numbers, spaces, underscores, etc.). While you should avoid using personal information that others can easily guess, it’s convenient to create a password you can easily recall. Develop a phrase or sentence that resonates with you, and it can serve as a strong foundation for your password.

• Consider the PAO (Person-Action-Object) method developed by computer scientists at Carnegie Mellon University. Simply choose an image or photo of a memorable person performing an action with an object—then combine them to form a phrase (which can be amusing or nonsensical). By selecting specific characters (e.g., the first three letters of each word) from the phrase, you can create a memorable password.

Use a sentence or phrase to create an easy-to-remember password. By extracting certain letters from your phrase, you can craft a memorable password (e.g., using the first two or three letters of each word in your phrase and combining them in sequence). Ensure your phrase or sentence includes uppercase and lowercase letters, numbers, and special characters.

Come up with a complex yet memorable phrase or character sequence. You can use a phrase or sequence of characters that appears random but is easy to remember. This sequence can serve as the "base word," to which you can then add special characters or numbers.

• If your children’s names are Lâm, Long, Tuyết, and Tùng, the base word could be "lalotutu"—combining the first two letters of each name. If your first house was on Cao Bá Quát Street, the base word could be "nhaocaobaquat".

Include at least one letter, number, and special character in your password. You can add underscores (or other random characters) and numbers to create something like "lalotutu_", or incorporate special characters into words to form "nhaocaobaquat#1500".

Memorize your secure password. For example, the sentence "My mother was born in Saigon, Vietnam on January 27th" could become a password like MtsroSG,VNvn27tM, or the phrase "The radio show starts at 9:10 AM on Monday, Wednesday, and Friday" could be transformed into "Ctrbd@0910stH,tT&tS".

Consider using your computer's character map or special character table to (optionally) insert special characters into your password. On Windows, you can find this option in the Start menu by clicking All Programs, then Accessories, followed by System Tools, and finally selecting Character Map. Mac users can simply choose Edit at the top of the browser menu and select Special Characters at the bottom of the Edit menu. You can then replace certain letters with special characters to make your password harder to guess.

• These special characters can replace standard ones, but note that some password systems may not accept all available characters. For example, the password "ЅϋΠЅЂιηξ" could replace "Sunshine".
• Remember that you’ll need to re-enter this password when accessing websites or apps, so consider the difficulty of repeatedly using the character map for password entry. You might find this process too cumbersome.

Remember to update and diversify your passwords. Avoid using the same password for multiple logins, and don’t keep the same password for several months in a row.

Choose a password manager. Essentially, this tool automatically manages multiple passwords (for apps and websites) by simply requiring you to enter a master password—simplifying the process of creating and remembering passwords. A password manager generates, stores, and verifies complex, secure passwords for each login, allowing you to only need to remember the master password. Popular options include LastPass, Dashlane, KeePass, 1Password, and RoboForm. Many articles and websites provide detailed reviews of these and other programs.

Download and install the password manager. The specific steps will vary depending on the program you choose, so ensure you follow the instructions carefully. Generally, you’ll need to visit the developer’s website, click the "download" button, and then follow the installation steps for your operating system.

Set up the password manager. Again, the process will differ based on the program. However, the basic steps involve creating a strong master password that allows the generation and/or maintenance of unique passwords for websites and apps for easy access. Most popular programs feature user-friendly interfaces.

Customize the options. Most top-tier password managers offer the ability to use the master password on a single computer or sync it across multiple devices, so be prepared to decide what works best for you. Typically, you can choose whether the program should automatically log you into sites, check passwords to ensure they are unique and updated regularly, and more.

Avoid using default passwords. Some common default passwords include: password, guest, user, admin. These passwords are widely available on the Internet, and many computer systems prohibit their use.

Avoid sequential number patterns. Number sequences like 1234, 911, 112, 31415, 27183, or 0000 are easily guessed because they are commonly used.

Use more obscure and complex passwords. Instead of using a password like "pr0d@dmin" (which was exposed in the DigiNotar breach), reverse the letters to create something like "0@imdndpr".

• Change your password regularly or whenever you suspect it may have been compromised, and avoid reusing old passwords. Some company policies or business regulations may require this.
• Do not use your name or username as your account password.
• Choose unique and secure passwords for each type of account. Your ISP (Internet Service Provider), email, and social media accounts (etc.) should all have different passwords. Do not reuse passwords for banking and email that you’ve used for your ISP login.
• Avoid obvious base words like names, birthdates, or significant dates. These types of passwords are far easier to steal than complex, impersonal phrases.
• Try using nonsensical words or phrases for added security. Combine them with numbers to create memorable yet secure passwords like "phamo9468".
• Consider using accented letters in phone passwords. These are harder to guess but easy to remember!
• Don’t forget where you’ve stored your password if you’ve written it down.
• Hackers often use powerful tools that can try numerous combinations of letters, numbers, and special characters. The more complex your password, the longer it takes to crack.
• Start with a word (e.g., "tien"), reverse it (neit), and insert your birthdate in the middle. For example, if you were born on February 5, 1974, your password could be "thang2n5e19i74t". While it might be slightly harder to remember, it’s nearly impossible to steal.

• Do not use the passwords listed on this page. These passwords are publicly available and easy to find.
• Avoid writing down your password in easily visible or accessible locations.
• Never disclose your password. Someone could eavesdrop, or the person you share it with might intentionally or accidentally leak it.
• Avoid using web services that send your actual password via email when you click "forgot password" instead of providing a temporary password or a password reset link. This indicates that the service stores passwords using two-way encryption or even plain text, meaning their password storage is insecure.