Qamba Knowledge Base

What makes a password good?

This article is based on principles and information provided by Microsoft, NIST, NCSC & ACSC.

Rules to follow

  • 8 characters minimum – The longer the better; length is more important than complexity. Think passphrase instead of password.
  • Easy to remember – It’s not just about security; a password is not good if you can’t remember it.
  • Nothing personal – Don’t include any personal information. This includes parts of names, birthdays, phone numbers, etc.
  • Unique to you – If it’s possible someone else in the world may be using the same password, it’s not a good password.
  • Brand new – Do not reuse old passwords.
  • Only for you – No one else should know your password. If someone else knows it, you should change it.

A method for password creation – three random words

Passwords (or rather passphrases) made of 3 random words provide a balance between security and memorability. Add in a number and a symbol and you have yourself a long, easy-to-remember, unique password.

  1. Select a random word. This could be something currently on your screen, something outside, or something from a random word generator.
  2. Select another two.
  3. Choose a 2-digit number – it could be the current time or a random number, ideally not something personal.
  4. Pick a symbol you like (or two): ! @ # $ % ^ & * ( ) _ + < > ? - =
  5. Combine them all together in an order you like.
  6. Capitalise one word, all words or just a part of the password, whatever seems memorable to you.
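
The steps above can also be automated so that every choice comes from the operating system's secure random source. The following is an added example, not Qamba's own generator: the word list is a constructed sample, the function names are hypothetical, and 7776 is assumed as the size of a typical diceware-style list.

```python
import math
import secrets

# Constructed sample list, for illustration only. Use a list of several
# thousand words in practice: 32 words gives far too little entropy.
WORDS = [
    "anchor", "basket", "candle", "dolphin", "ember", "forest", "garden", "harbor",
    "island", "jungle", "kettle", "lantern", "marble", "nectar", "orchid", "pebble",
    "quartz", "ribbon", "saddle", "timber", "umbrella", "velvet", "walnut", "yonder",
    "zephyr", "breeze", "copper", "meadow", "pillow", "rocket", "sunset", "tunnel",
]
SYMBOLS = "!@#$%^&*()_+<>?-="  # the symbols listed in step 4


def generate_passphrase(words=WORDS, n_words=3, separator="-"):
    """Words, 2-digit number and symbol, all picked by the OS CSPRNG."""
    if len(set(words)) < n_words:
        raise ValueError("word list is too small")
    rng = secrets.SystemRandom()
    chosen = rng.sample(sorted(set(words)), n_words)      # steps 1-2
    chosen = [w.capitalize() if secrets.randbelow(2) else w for w in chosen]  # step 6
    number = f"{secrets.randbelow(100):02d}"              # step 3
    symbol = secrets.choice(SYMBOLS)                      # step 4
    return separator.join(chosen + [number]) + symbol     # step 5


def entropy_bits(wordlist_size, n_words=3):
    """Bits of entropy when every part is chosen uniformly at random."""
    ordered_words = math.perm(wordlist_size, n_words)     # distinct words, order matters
    return (math.log2(ordered_words) + n_words            # one capitalisation bit per word
            + math.log2(100) + math.log2(len(SYMBOLS)))


if __name__ == "__main__":
    print(generate_passphrase())
    for size in (len(WORDS), 7776):  # 7776: assumed size of a diceware-style list
        print(f"{size:>5} words in list -> {entropy_bits(size):.1f} bits")
```

The entropy figure only holds when the generator makes the choices; it shows that most of the strength comes from the size of the word list, with the number and symbol adding roughly 11 bits.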

Examples of what your long password might look like:
(DO NOT use these examples, they are not unique to you)

  • Free-Dance-Kindle-293
  • 83Kindly,Decision,Bikes?
  • NORTH3gentle3hour!
  • MASS_SAVE_shrink_31
  • Don’tFreeMalicious55

We have a password generator here for those who want some ideas of what their password could be.

More Tips

  • Avoid using the same password for everything. If one password needs to change, you can lose track of which password is for which account.
  • Make one of the words provide you a hint for what the password is for. This helps keep track of what is what.
  • Writing down part of a password to act as a hint in a secure, locked location is better than using a bad password.
  • Password managers mean you only need to remember one password. Consider using one if you have many accounts.