Tip 1 – Stop Using Passwords. Start Using Passphrases.

The advice to use lengthy passwords with symbols and numbers is outdated. Complexity is what matters. Passphrases give you complexity without the headache of memorizing gibberish.

What to do:

• Replace short passwords with passphrases: four or more random, unrelated words strung together (example: “marble-cloud-engine-spoon”)
• Aim for at least 16 characters – longer is always better
• Avoid words connected to you: no names, no birthdays, no pet names, no sports teams, nothing that shows up on your social media

Common mistake: Most people build passwords around things they know (their kids’ names, their anniversary, their favorite team) because they’re easy to remember. The problem is that anyone who spends ten minutes looking at your Facebook knows those things too. Hackers don’t just guess randomly; they use software that pulls from social media, public records, and leaked databases to build targeted lists. A passphrase made of four genuinely random words eliminates that attack entirely.

How to know it’s done:

• Every business account uses a passphrase that is at least 16 characters and not connected to anything personal
• You’re using a password manager to store them (more on that in a moment)