A Guide to Creating A Secure Password For Your Website


Your website is an online beacon to your business. Our clients usually find themselves overwhelmed, not by the overall design of their site, but by what they should use as a password.

From a security standpoint, it is very important to create a password that is hard for hackers to crack. But, from a business stance, a password should be easy to remember and enter.

In many cases, the most effective passwords contain a random string of letters (upper and lower case), numbers and symbols that look kind of like this:


I don’t know about you, but that would be a difficult password to remember. As a result, many clients choose simple passwords such as their alma mater, their child’s name, the name of a pet, etc. These types of passwords are easily hacked and aren’t necessarily witty.

The Hacker’s Approach

There isn’t any one-size-fits-all solution to creating a password. Some clients add characters to a basic password like: hannah1995 or hann@h. Unfortunately, these modifications are just as vulnerable as the original.

The first step to improving a password is to understand what hackers do to unearth passwords. There are 3 methods that are generally used.

The Standard Dictionary Approach

Using an automated system, hackers try every word in the dictionary, including sports teams, names and places. There is no word left unsearched starting with aardvark and ending with zygote.

The Advanced Dictionary Approach

If the above technique is exhausted, hackers then move on to this approach. While it can take considerably longer to crack, this technique uses an automated system that adds prefixes, suffixes and special characters. Hackers will search for passwords such as hannah1906, 12hannah or h@nnah and hann@h!

They will even take it a step further and combine common phrases in an attempt to get their hands on a valuable password, such as bigdog, stripedzebra, or tonythetiger.
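The decorations described above can be undone mechanically, which is why hannah1995 or hann@h is no stronger than hannah. The following is an added example, not code from the original post: a sign-up check in Python that reports the dictionary entry a decorated password reduces to. The word list, the substitution table and the function name base_word are assumptions made for illustration.

```python
import re

# Constructed sample list: a real check would load a full dictionary plus
# names, teams, places and common phrases written without spaces.
GUESSABLE = {"hannah", "aardvark", "zygote",
             "bigdog", "stripedzebra", "tonythetiger"}

# Look-alike characters, mapped back to the letter they stand for
# (assumed table; extend it to match your own policy).
LOOKALIKES = str.maketrans({"@": "a", "4": "a", "0": "o", "3": "e",
                            "1": "l", "$": "s", "!": "i"})


def base_word(password, wordlist=GUESSABLE):
    """Return the dictionary entry the password reduces to, or None.

    Undoes capitalisation, digit/symbol prefixes and suffixes,
    and look-alike character substitutions.
    """
    lowered = password.lower()
    # Drop digits and symbols from both ends: 12hannah, hannah1906, hann@h!
    trimmed = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    for candidate in (lowered, trimmed):
        # Try the text as typed, then with look-alikes turned back into letters
        for form in (candidate, candidate.translate(LOOKALIKES)):
            if form in wordlist:
                return form
    return None


if __name__ == "__main__":
    # Passwords quoted in the article, checked against the sample list
    for pw in ["hannah1995", "hann@h", "12hannah", "h@nnah", "hann@h!",
               "tonythetiger", "K!g0xx#Y79LpQ@"]:
        found = base_word(pw)
        verdict = f"reject, reduces to '{found}'" if found else "no dictionary match"
        print(f"{pw:16} {verdict}")
```

A password that returns None here has only passed this one check; it says nothing about length or randomness.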

Password War Approach

This approach is usually used as a last resort. Once again they use an automated system, but this process can take a very long time to complete and in most cases is unsuccessful. Hackers search for random strings of characters to find the perfect match. So, even passwords such as K!g0xx#Y79LpQ@ are not safe.

So where is the line in the sand?

As a rule of thumb, you should try to think of a phrase that is anywhere between 12 and 18 words long. The most successful way to remember the phrase is to make it significant to you. For example:

I married my lovely wife in May of 1999 and we have been happily married ever since.

You can then take the first letter of every word to make it into a password. To make it fool-proof, add upper and lower case letters and special characters. Here is an example of the phrase above.


Another great way to create a hack-proof password is to choose 3-5 random words that have no correlation to one another. They shouldn’t mean anything to you either (no names, dates, teams or places). Here is an example of a good password:


While these words can be found in the dictionary, they are in no way related to one another and will be hard to decipher.

To take it a step further, you can add special characters, like:


Hopefully, these tips will get you fast on your way to creating passwords that are easy to remember, but difficult to crack.

More Advice

  1. Do not share your password with anyone
  2. Never write your password down
  3. Create different passwords for different users and accounts

If you have any questions or concerns, don’t hesitate to contact our development team at updates@greatcirclestudio.com