Return to The Money Mentor Blog

Identity theft protection: strong passwords

passwords and using a password manager
May 15, 2017

By Pam Leibfried

In a previous identity theft risk post, I wrote briefly about changing your passwords to make them more secure. In today’s post, we’ll examine the characteristics of easy-to-hack passwords, review how you can create strong passwords, and then talk about the pros & cons of using a password manager.

Security experts talk a lot about the importance of using passwords that are unique. But what does it really mean? Strong passwords are unique in two different ways: They should not be commonly used or easily hackable, and they should be used for only one site. “Reuse and recycle” may be a good mantra for using paper goods, but it is dangerous when it comes to passwords!

How to create strong passwords

In several reviews of breached login and password databases, security analysts found that the most common passwords were “123456” and “password.” If you’ve created a password like that, with a single word or consecutive numbers, you are putting your accounts and finances in jeopardy.

You take the same risk when you use a term that many people would associate with you, such as your first or last name, your phone number, your favorite hobby or team, or the name of your child or pet. My friend Karen, for example, is a huge Bruce Springsteen fan, and her Twitter feed is filled with links to videos and photos of him. If she were to use the password “Bruce or Springsteen,” anyone trying to hack her accounts would have an easy time doing so.

Even if you know that password security is important, how do you create a password that is hard to hack yet easy to remember? Try using complex passwords created from phrases, words spelled backwards and a mix of letters, numbers and special characters.

Password security = no password recycling! 

The advice to create a different, secure password for each site you use is too often ignored, especially as the number of logins and passwords we use has grown over the past few years. Many people feel that remembering lots of logins and passwords will be impossible, so they just throw up their hands and use the same one for most websites. But if any one of those sites experiences a data breach that includes user passwords, every one of the accounts using that password will be compromised.

Recycling passwords is especially dangerous when you reuse a password on financial sites, so make sure that your passwords for banking, retirement funds and credit card accounts are not the same as those you use elsewhere. Otherwise, you are playing with fire.

Using a password manager can help 

If you know that there is no possible way you can remember a unique password for each and every site you use, you might consider using a password manager. These apps can help you keep a record of the passwords for every site you use so you don’t have to rely on your memory. Many password managers will also help you create strong, complex passwords by generating a password for you, or by rating the strength of your current passwords so you can eliminate any weak ones. Some password managers store the database of your passwords on your computer, but others store them in a cloud server, so you can access your list of passwords from all your devices, wherever you are.

Keep in mind, though, that password managers do not ensure online security. Even the best password manager is vulnerable if someone hacks your password to get into the password manager itself. But many security experts feel that the benefit of making it easier to use a unique, strong password for every single site you use makes using a password manager beneficial. Technology sites like Wired and PC Magazine and product review sites like Consumer Reports have published reviews of password management software, so they are a good place to start if you are interested in researching this option.

Before you spend money on a password manager, look on your PC or mobile device to make sure that you don’t already have access to one via other security applications. In researching this article, I found out that the virus scanning product I use on my personal laptop includes a password manager in some of its anti-virus software packages. It turned out that I had a well-reviewed password manager on my laptop all along and didn’t even know it! 


Pam Leibfried is a marketing content specialist whose love of words led to a writing and editing career. After a brief stint teaching English, she transitioned to corporate communications and spent 20 years at The Nielsen Company before joining Alliant’s content development team. Early in her work life, Pam’s friend Matt explained the benefits of a 401(k) and her dad encouraged her to start a Roth IRA. Their good counsel prompted her to prioritize retirement savings, which just might enable her to retire early so she can read more and live out the slogan on her fave T-shirt:  “I have a retirement plan: I plan on quilting.”