Password Security Tips and Mistakes to Avoid

password security tips

Key Takeaways:

  • Password Complexity is Key: Weak passwords present a major security risk; hackers exploit them easily. Utilizing longer and more complex passwords with letters, numbers, symbols and unique patterns will significantly enhance security.
  • Use Password Managers: Password managers provide a safe way of creating and storing strong passwords, mitigating keylogger risks and streamlining multiple account management.
  • Diversify and Regularly Update Passwords: Reusing passwords across accounts poses a grave security risk. If one account is compromised, all linked accounts become susceptible. Therefore, using unique passwords for each of your sensitive accounts – banking or email are among them – is crucial.

Hackers and Internet sleuths are becoming more sophisticated at hacking online accounts. Most of this is due to individuals using a weak password that is simply too easy to replicate. 

And many websites, email service providers, and other online companies that require you to create a login password now offer prompts to help assist you in boosting the security strength of your password. 

These prompts may force you to use a series of letters, numbers, and characters, but even with these more secure password requirements, you may leave yourself at risk of possible hacks.

While you may never be 100% safe and secure, there are a number of ways you can go about boosting strong password security, both for your personal and professional accounts. To help with this, here are our top password security tips you absolutely need to use.


For a quick and fast approach to creating secure passwords for your online accounts, follow all of these steps to make sure hackers don’t gain access to sensitive information: 

  • Make sure you create complex passwords that are 12-15 characters in length
  • Use a password manager to store your passwords
  • Don’t use the same password across all of your accounts
  • Frequently change your passwords — especially if you have been compromised
  • Properly utilize Security Questions to avoid identity theft
  • Implement multi factor authentication wherever it’s available


The first of our password security tips is to avoid using a short password, because short passwords are easier to hack with brute force techniques. 

Ideally, you’ll shoot for the 12 to 15 character length, although you can make it longer if you like (just make sure you’re able to remember it).

Don’t just use 15 straight letters on the keyboard either. You need it to be difficult to guess. “QWERTYUIOP” isn’t a strong password that is difficult to guess. If you struggle to come up with something on the longer side consider using a saying without the spaces.

Perhaps your grandmother used to say “Oh me oh my.” Well, you can turn “grannysaidohmeohmy” into a password, and few people are going to guess it. And, if you want to mix it up and the service provider requires you to add letters, numbers, and symbols to strong passwords, you can always change it to “Granny$a1dohmeohmy.”

Nobody said you couldn’t get creative or have fun with your password creation.


Many operating systems now come with a built-in secure password manager. This makes it easier to log into your accounts without actually memorizing and typing in a different strong password to gain access to your accounts. 

Having a trusted password manager allows you to create more robust and strong passwords. It also helps you in the event that a keylogger has been installed on the computer. 

A keylogger records your keystrokes and then sends the information out. If you type your full password the keylogger will record this and someone monitoring the information will then be able to get into whatever account you accessed.

The only downside with using a password manager is if you need to log into your account on a different computer and you can’t remember your password. Outside of this potential issue, password managers do help with your account security.

Keep one thing in mind though. 

If you use a public computer, or if multiple people use your computer, don’t use  browser-enabled password managers. Browser security is key, and browsers like Safari and Chrome have this feature built in. 

Yes, it is helpful, but it isn’t going to do you much good if someone else uses the computer. And if you decide to sell the computer when upgrading, make sure all this information is purged.


Don’t use the same passwords across the board. Because if someone hacks your account and manages to steal your password they will then be able to hack into every single one of your accounts. 

That’s not a good situation and even strong passwords don’t protect you from that.

If you struggle to remember a dozen different complex passwords (you’re not alone), you can keep your email passwords the same and focus on using different passwords for your sensitive accounts, such as your online banking or credit monitoring accounts. 

While someone sneaking into your Instagram account is annoying, someone sneaking into your online checking account can be devastating. Protect yourself by using different passwords whenever possible.

And if multi-factor authentication features are available, then use those too for added password security. 


Some services might tell you to change your password every few months. Realistically this isn’t necessary. If you have a long, tricky password, the chances of someone hacking your account now versus six months from now won’t be different.

However, if you think someone might know your account password and login credentials, it is essential to change it up. 

It doesn’t matter if you know this for a fact or you just have a hunch, you will need to log onto your account using a different device you know isn’t being monitored (such as through your smartphone) and then change the password.


When setting up a new account and password some services will ask you to fill out a security question. This is used in case you forget your password or login information. 

Don’t use something that can be easily guessed or Googled. Finding out your mother’s maiden name is easy. If a person can hack your account you better believe they know how to Google your mom’s name.

Instead, you need to set up a security question and answer that someone is not able to look up or guess. 

Don’t go with what car you first owned or what school you went to. Unless, that is, you make up the answer. Nobody said you need to be truthful with the security questions and answers. So if it is easier for you to remember a false answer and you know it’s impossible to look it up online, go ahead and fib away.

Maybe the answer to your first car question is an outrageously expensive hypercar or even one that you had hanging as a poster on your teenage bedroom wall. 



If you’re like many individuals, you’re probably using the same handful of passwords for just about everything you do. If you want to reuse passwords for Facebook and Pandora, that’s your decision, but don’t use the same password for your American Express card, your debit card, your Facebook, and your smart TV. 

You also need to avoid recycling your passwords. What does this mean? 

Well, often, websites requiring passwords will have you change your password every few months to “improve password security.” The problem with this is most people will simply swap in a different password they’ve been using on another website or service. 

This really doesn’t make you any safer. 

In fact, whenever you swap out and recycle an old password for what you’ve been using, you actually make yourself more vulnerable. If you’re required to enter a new password, make it an actual new one, not one you’ve been using on and off for the last decade.


Even if you haven’t fallen victim to the other pitfalls of passwords, there’s a good chance you haven’t done this before. Screening your passwords doesn’t take long to do and will give you extra peace of mind knowing your passwords are more challenging to steal. 

Believe it or not but there are commonly used passwords that you don’t even realize are common. 

Ideally, you’ll do what you can to avoid using these kinds of common passwords. There are a number of services out there that will compare passwords and tell you how common what you’re considering is., for example, is an excellent service that is free to use.

When entering the new password through your computer, it might try to auto-generate one. These are especially secure because it’s just a random series of letters, numbers, and symbols. The problem is you’ll likely never remember it. So when creating your own password, make sure to screen it.


So you probably don’t use the old “1234” or “abcd” password (at least we hope you’re not), but there are other passwords that are obvious to you. Obvious passwords mean they are common phrases or information about you that is easily obtained. 

It can be something like your address or your birthday. Don’t use birthday numbers of children either (you can use some of the numbers but combine this with a completely different line of text to ensure it’s not easily guessed).

Even using your pet’s name can be something you don’t want to do. 

Sure, cybercriminals might not know the name of your second dog, but friends and family might, and there might be times where they try to get into your accounts for one reason or another. 

If, in the event of an emergency, you want your loved ones to be able to find your passwords, you can write them down and put them in a safe location (such as a safety deposit box at the bank). 

But in general, do whatever you can to avoid the obvious passwords.


Your computer might save some passwords for you and then keep the information encrypted for later use. 

This can be helpful at times, although eventually, you might discover that you can’t remember any of your passwords when logging onto a new computer or phone because you haven’t actually typed in your password in months (if not longer). 

However, what you want to avoid doing at all costs is actually typing and saving a document with the cheat sheet information on it. 

This likely isn’t encrypted, which in turn will leave you completely exposed if there is malware or spyware on your computer. Should this ever happen, the individual who hacks onto your computer or phone will have every single password for all your accounts and likely exactly where to use the passwords. 

You might as well hand over all your personal data to a complete stranger with that lack of password security. Because of this, do not ever save a cheat sheet. If you want to create one, write one down and don’t travel with it. Keep it hidden where nobody will find it.


With these tips and tricks, you can easily avoid many of the most common mistakes others make with their passwords. Maybe you’ve been doing some of these in the past. Perhaps you didn’t even realize what you were doing could potentially set you up for financial ruin. 

Here at Charlotte IT Solutions, we want to do everything in our power to protect you and your business assets. 

This begins with improving the strength of your passwords, but it doesn’t stop there. If you run your own business, regardless of the size or how long it has been active, you need to do everything you can to protect yourself from online criminals.

From implementing new cybersecurity measures tailored to fit your business needs to helping you safeguard at-home employees, we will go the extra mile to keep your business in business and away from cyber hacks. 

If you’re interested in learning more or are ready to protect your business’ online integrity properly, give us a call or send us an email today.