How to know if you have a strong password? Want to be able to create a strong password?

If your answer is yes and no then continue and read to learn !

There are a number of characteristics that characterize a strong password. All typed passwords are constructed based on a number of characters. As a result the characteristics of a strong password is related to the following:

  1. Characters
  2. Length
  3. Change

Let’s have a more detailed look at these characteristics to see what make them a strong


When creating a password it is highly recommended to stay away from using any personal information as your password. This means that the names of your children, friends, addresses or even the name of a pet are all poor password and should be avoided. It is even recommended to not use any words found in a dictionary since hackers easily can test all words in a dictionary.

Ideally, the used characters in a password should be randomly selected. So if you can use some sort of password generator then do so. Note that if you do use a online password generator make sure to generate at least 4-5 different passwords and choose one of them manually to avoid online fishing attacks.

If you cannot use a password generator then there are some tricks that you can use to generate a (pseudo-random) password.

Using an entire phrase or sentence as a base, a so called passphrase, and then by picking the first, or why not the second, character in each word for you password will most probably generate something that looks random for others, i.e. hard to guess, but at the same time it is easy for you to remember.  It recommended that you avoid using known sentences, phrases or quotes such as “to be or not to be, that is the question”.

On the topic of remember, make sure to memorize the password and not to write it down.

Make sure to use upper and lower case letters together with special characters and numbers to create passwords like ”0e=A#&Ei1l”, i.e. use A-,Z a-z, 0-9 and special characters such as !”#¤%&/()=*^_-*+.  Now, some system does not allow any special characters nor maybe they don’t differentiate between upper and lower case letters. Regardless of these two short comings (of the system, not you), try to switch to the best of your ability in accordance to the rules set up the system.

Make sure to use at least one, preferably more, of each type of character in the password. One way to do this is to replace letters with numbers or special characters. Here are some suggestion for replacements that you can do

  • Replace any typed number with its numeral character (e.g. “two” becomes 2)
  • Replace ‘ ‘ (space) with ‘%’
  • Replace ‘a’ with ‘@’
  • Replace “at” with ‘@’
  • Replace “are” with ‘r’
  • Replace “and” with ‘&’
  • Replace “be” with ‘b’
  • Replace ‘E’ with ‘3’
  • Replace ”for”with ‘4’
  • Replace ‘i’ (small I) with ‘’!’
  • Replace ‘I’ (capital i) with ‘1’ (one)
  • Replace ‘l’ (small L) with ‘1’ (one)
  • Replace “nothing” with ‘0’ (zero)
  • Replace ‘o’ (small O) with ‘0’ (zero)
  • Replace  ‘O’ (capital o) with ‘0’ (zero)
  • Replace ‘s’ (small S) with ‘$’
  • Replace ‘S’ (capital s) with ‘$’
  • Replace “to” with ‘2’
  • Replace “we” with ‘v’
  • Replace “you” with ‘u’


The number of characters in the password is very important and widely debated. Recommendation range from at least 6 up to 12-15 characters.

As an  example, there are 256 different ASCII signs in the extended ASCII table, including language specific signs, such as the Swedish Å Ä and Ö. Not all signs can be used in a password so, for simplicity, lets assume that 100 of these can be used. In this case, for each character in the password there are 100 different possibilities. As see in the table below, as the number of characters are increase by 1 the number of possible combinations increase by 100 times.

Nr of chars





10 000


1 000 000


100 000 000


10 000 000 000


1 000 000 000 000


100 000 000 000 000


10 000 000 000 000 000



Change, which does not actually have anything to do with the actual password, is a final characteristic that should be handled correctly.

First, do not use the same password in every account you got. To create a unique password for each site or application is absolutely preferred. If you don’t have the ability to remember one password for each account you got then at least pre or post fix your password with something that is related to the system, e.g. prefix your password for Facebook with “fcbk” or something similar which you remember.

Secondly, for each account change your password somewhat regularly. Do not have the same password on a site for too long. The point is that by changing frequently you make it harder for hackers to guess your password.

Finally, make sure that the new password significantly different from previous passwords. This means that you should not reuse old passwords. If you have too reuse an old password for some reason then avoid using passwords which are used within the last year or two.


In summary, I hope you have found this article interesting. If you have any other ideas for how to create a strong password then please let me know and add a comment!

Personally I have been using Lastpass to generate, manage and store my password for roughly six months now and I can only recommend you to try it out. It is simply a great tool to use. So jump over to Lastpass and sign up! Btw, I’m not affiliated with them in any way, I simple like their product.