The most common password used on the internet is “password”.  And sad to say, people use the same password on several sites. You have access to one, you have access to all. This allows cybercriminals to build up a database on you and can lead to fraud.

So what is a good password? First, take a look at this list. Don’t use any of those passwords. Next, read Kaspersky Antivirus’s 6 bad ideas for a password. However, ignore Kaspersky’s rule for developing a good password.

A good password is 3 or 4 long words that you will remember. For example, you could something  like a color + a shape + an object. So maybe YellowRoundMonkey. Then just picture a yellow round monkey and you’ll remember your password. Another idea: OrangeMotorcycleBlueLagoon. Then just think of an orange motorcycle driving into a blue lagoon and you got it. If a website insists on using a number, then add several numbers you’ll easily remember at the end.


However, always use a different password for each bank, credit card, and email website! If the website doesn’t disclose personal information, such as message boards, it is okay to use the same password for each of those. What is helpful is a password-protected spreadsheet with the passwords. Be sure the password for the spreadsheet is also different. Or you can have a notebook and write in this notebook the passwords. Just make sure you write as clearly as possible your usernames and passwords.

These are long passwords that are easy to remember and have nothing to do with your life so they are difficult to guess. If your password is hard to figure out, cyberthieves will move on to someone who does have a weak password. No amount of security can stop targeted attacks against you. But, honestly, unless you work for the CIA or some business some (read: anarchists) consider “evil”, then you won’t be targeted.

While you are improving your passwords, be sure to change the answers to security questions to be bogus answers. And write these down in your spreadsheet or notebook. This way, even if someone learns about you they won’t be able to answer your security questions and thus won’t be able to reset your password. For example: The answer to a common security question “What is the name of your first grade teacher” could be “James Bond”. The goal is to make hard so that the cybercriminal will move on.