How to Choose a Good Password: Strategies for Stronger Security
Picture this: you’re logging into your email, and you use your go-to password — maybe your dog’s name and the year you got him, like Buddy2023. It’s easy to remember, and hey, it feels personal. But here’s the problem: it’s also easy to guess.
If you’ve ever posted about your dog on social media (and who hasn’t?), hackers already have a lead. Combine that with a birth year, a favorite sports team, or a short phrase, and your password is toast.
At TechPals, we talk to people every day who want better password habits but aren’t sure where to start. This guide is for you — whether you’re creating your first secure password or wondering if “CoffeeLover2022” is strong enough. (Spoiler: it’s not.)
Why Passwords Still Matter — A Lot
You might think, “No one would target me.” But here’s the thing: most hacking is automated. Bots try millions of login combinations on thousands of accounts at a time. If your password is on a list of common ones, or if it's based on public information, you’re vulnerable — even if no one is targeting you specifically.
According to Verizon’s 2023 Data Breach Investigations Report, 80% of hacking-related breaches involve weak or reused passwords. And once one account is compromised, hackers often try the same password on other sites — something known as credential stuffing.
The good news? You don’t have to be a tech genius to protect yourself. With a few simple strategies, you can create passwords that are both strong and easy to remember.
Current Stats That Show Why It’s Time to Change Your Password
15% of people use their pet’s name in a password
Passwords with 12+ characters are 10x harder to crack than 8-character ones
Using a password manager reduces password reuse by up to 30%
Want help setting up stronger passwords or a password manager? Visit techpals.org — we help real people feel confident with digital tools every day.
How to Choose a Good Password: 6 Strategies That Work
Let’s walk through how to build a password that’s strong, memorable, and doesn’t rely on “password123” or your birthday.
1. Use Personally Relatable Phrases or Words
Instead of choosing something generic like “BlueSky2023,” think about:
A vacation you loved
A favorite meal
An inside joke
A hobby or memory
Examples:
GrandCanyonHike@2022ChocolateChip!Cookies99ReadingByTheLake#5PM
These passwords are long, personal, and include a mix of uppercase letters, symbols, and numbers — all good things.
2. Turn a Sentence into an Acronym
Take a phrase or saying that sticks in your head and shrink it down.
Examples:
"I drink coffee every morning at 7 AM" becomes →
IdCEM@7am!"The cake is a lie, always" becomes →
Tc1aL@ways!
This makes your password less guessable but still tied to something you'll remember.
3. Mix In Special Characters and Substitutions
Replacing letters with numbers or symbols makes your password harder to crack.
Examples:
Sunshine2024→5un$hine2024!BlueSkyForever→Blu3Sky#4ever
You don’t have to go overboard — even one or two substitutions go a long way.
Need help building your first strong password? TechPals can help — we do this kind of thing with people every day.
4. Use Passphrases Instead of Passwords
Passphrases are longer combinations of real words — often quirky or funny — that are easier to remember but harder to guess.
Examples:
PineapplePizzaTastes@WeirdCatsAndDogs!GetAlong2Spoons4EveryBowl
These are far stronger than short passwords and often more fun to use.
5. Never Reuse Passwords
It’s tempting — you already have one “good” password, so why not use it for everything?
Here’s why not:
If one site gets breached, hackers can try that same login on your email, bank, and social accounts
Many breaches go unnoticed for months — by the time you realize it, someone else could have your info
Each important account should have a unique password — especially your email, banking, cloud storage, and shopping logins.
6. Use a Password Manager
Let’s be honest: you can’t remember 40 different passwords. That’s where password managers come in. They create and store strong passwords for each of your accounts and only require you to remember one master password.
Popular password managers:
Bitwarden (free and secure)
1Password
LastPass
Dashlane
They’re all easy to use, and most work across phones, tablets, and computers. And yes — TechPals can help you install one. Visit techpals.org and we’ll guide you through it.
Bonus: Add Two-Factor Authentication (2FA)
Passwords are your first line of defense — but they shouldn’t be your only one.
Two-factor authentication (also called 2FA) adds a second layer: usually a code sent to your phone or generated by an app. Even if someone guesses your password, they can’t log in without this code.
Enable it anywhere you can, especially:
Email (Gmail, Outlook, Yahoo)
Bank accounts
Amazon and other shopping apps
Facebook, Instagram, and social media
Want help turning it on? TechPals can walk you through it.
Common Password Mistakes to Avoid
Let’s look at a few things to not do:
🚫 Using obvious choices like:
Password123Qwerty123YourName2024
🚫 Using short passwords
🚫 Repeating the same password for multiple logins
🚫 Forgetting to change a password after a breach
🚫 Writing passwords on sticky notes (especially if taped to your monitor!)
These habits are extremely common — and extremely risky.
What About Password Reset Questions?
Password reset questions have long been a common method websites and services use to verify your identity when you forget your password or need to regain access to your account. You’ve probably encountered them many times before — questions like:
“What was your first pet’s name?”
“What’s your mother’s maiden name?”
“What city were you born in?”
“What was the name of your elementary school?”
While these questions seem harmless or even helpful at first glance, they actually pose significant security risks. The problem is that many of the answers to these questions are either publicly available or can be easily guessed by attackers. This makes them a weak line of defense that can be exploited by hackers attempting to gain unauthorized access to your accounts.
Why Are Password Reset Questions Risky?
Many of the common security questions ask for information that’s either:
Shared on social media (like your pet’s name or birthday)
Public record (maiden names, birthplace)
Guessable based on personal details or common answers
For example, if you’ve posted pictures of your childhood pet on Facebook or mentioned your mother’s maiden name in a family history website, a cybercriminal can often find this information with a little digging.
Even if your answers are more obscure, some hackers will use social engineering techniques — like calling your phone provider pretending to be you — to gain access.
Because of this, password reset questions have become one of the weakest security points for protecting your accounts.
What Can You Do About It?
If a website or service allows you to change your password reset questions, it’s a good idea to:
Choose unrelated or false answers that only you would know — for example, using a random word or phrase instead of the actual answer.
Avoid common questions altogether if the service gives you an option to skip or use other verification methods.
Make your answers long and complex if possible, treating them like an additional password.
However, the best solution is to move away from relying on password reset questions entirely.How Do I Know If My Password Has Been Hacked?
You can check if your email or password has appeared in a breach using:
If you see your info listed, change your password immediately and review any accounts tied to that email.
Building Better Habits
Here’s how to level up your security:
Use a different password for every major account
Use a password manager to store them safely
Review your saved passwords in Chrome, iCloud, or wherever you browse
Set aside 15 minutes to update the weakest ones
Schedule a monthly reminder to check for breaches
And if this all sounds overwhelming, you don’t have to do it alone. Visit techpals.org and we’ll walk you through the process — over the phone or by video.
Final Thoughts: Your Passwords, Your Safety
Your password is like the key to your home — you wouldn’t use the same one for your car, your house, and your safe. Online security works the same way.
With a little effort now, you can save yourself a major headache later. You’ll reduce your chances of being hacked, avoid financial loss, and feel way more confident online.
At Tech Pals, we believe everyone deserves to feel secure with their technology. Whether you’re updating your first password or switching to a manager, we’re here to help.
Start today. Start small. And start smart.
Need help picking a better password or setting up a manager?
Visit techpals.org — we’ve got your back.