Passwords & Passphrases
Your password is your first line of defence. Weak or reused passwords are one of the most common reasons accounts get hacked.
Common mistake
Using the same password on multiple apps. If one site gets breached, attackers try the same password everywhere.
What makes a strong password?
Strong password checklist
- Long (12+ characters is a good start)
- Unique for every account (no re-use)
- Hard to guess (avoid names, birthdays, simple patterns)
- Prefer a password manager for storage and generation
Passphrases (recommended)
A passphrase is a longer phrase that’s easier to remember but still strong.
Example passphrase
River-Train!Purple-Coffee-2025 (long + mixed + memorable)
Best practice
- Use a password manager (Bitwarden, 1Password, etc.)
- Enable 2FA on important accounts
- If you suspect compromise, change passwords immediately
Key takeaways
- Length + uniqueness beats cleverness
- Never re-use passwords across accounts
- Password managers make strong passwords realistic
- 2FA adds a second protective layer