Choose a Strong Password You Can Actually Remember

Choose a Strong Password You Can Actually Remember

Choose a Strong Password You Can Actually Remember

Overview

A strong password is your first line of defense against account takeover. The good news: strong does not mean unmemorable. This guide explains what makes a password strong and how to pick one without writing it on a sticky note.

Before You Begin

  • A few minutes of quiet thought.
  • Your company password manager open and ready (for storing the new password).
  • Awareness of your company's minimum requirements (usually 12+ characters with mixed character types).

Steps

  1. Pick a passphrase, not a password. Four random words strung together is stronger than P@ssw0rd1! and far easier to remember. Example: walnut-eagle-river-button.
  2. Make it at least 16 characters total. Longer always beats more complex.
  3. Avoid anything connected to you: birthdays, kids' names, pet names, sports teams, or your address.
  4. Add one twist your brain will retain: a capital letter, a number, or a symbol in the middle. Example: walnut-Eagle7-river-button.
  5. Confirm it passes your company's complexity check by entering it during a password reset or in your password manager's strength meter.
  6. Save the password in your company password manager before you set it on the account. If you cannot save it, do not use it.
  7. Never reuse it. Each account gets its own passphrase. Your password manager remembers them so you do not have to.

Troubleshooting

  • If your password manager flags the password as breached: pick a different one. A breached password is in attacker databases regardless of how strong it looks.
  • If you cannot think of random words: use the passphrase generator in your password manager (most have one built in).
  • If the system rejects your password: the system likely requires at least one uppercase letter, one digit, and one symbol. Add them and try again.
  • If you must type the password often on mobile: prefer dashes over special characters. Mobile keyboards penalize !@#$ characters.

Related Articles

Need More Help?

Submit a ticket at support.bostonmit.com or email support@bostonmit.com.

    • Related Articles

    • Use Your Company Password Manager

      Use Your Company Password Manager Overview A password manager remembers every password you use so you do not have to. Your company provides one as part of your standard tools. This guide explains how to install it, save your first password, and use ...

    • Reset Your Microsoft 365 Password

      Reset Your Microsoft 365 Password Overview If you have forgotten your Microsoft 365 password, you can reset it yourself in a few minutes using self-service password reset. This guide walks you through the process from a phone or computer. Before You ...

    • Set Up Multi-Factor Authentication with Google Authenticator

      Set Up Multi-Factor Authentication with Google Authenticator Overview If your company uses Google Workspace, multi-factor authentication (MFA) protects your account by requiring a six-digit code from your phone in addition to your password. This ...

    • What to Do If Your Account Is Compromised

      What to Do If Your Account Is Compromised Overview If you think someone else has gotten into your work account, every minute counts. This guide walks you through the immediate steps to lock the attacker out and recover safely. Read it now, before ...

    • Set Up Multi-Factor Authentication with Microsoft Authenticator

      Set Up Multi-Factor Authentication with Microsoft Authenticator Overview Multi-factor authentication (MFA) adds a second check to your sign-in so a stolen password alone cannot get into your account. This guide walks you through setting up the ...