How strong is your password? Five ways to evaluate

January 15, 2020

A strong password is what protects you from cyber criminals. Relying on a weak password, by contrast, makes it easy for cyber criminals to gain access to your accounts, steal your identity and even take your money. So the question is: How do you know if your password is going to keep you protected or not? Here’s are five ways to know if you have a strong password.

"passwords and the number 5 in colourful fields"You aren’t using the name of a pet or family member

For many, it’s important to have a password that’s easy to remember. Inevitably, that means people lean on readily available options such as the name of a pet, family member or favourite sports team.

The problem is that this information is relatively easy for someone to find. Just think, for example, of the number of times you’ve posted photos on social media that included a reference to your dog’s name.

That means that, with information so readily available, it’s also going to be easy for a cyber criminal to track it down and use it to guess your password.

Make it more difficult for cyber criminals to guess your password and you’ll be more likely to keep your accounts safe.

You’re using a passphrase instead of a password

For many, developing passwords is as simple as choosing a word to use. And for good reason. One-word passwords are simpler to remember.

The problem is, though, that “simple to remember” equates with “easy to guess” in the world of cyber crime.

The more cyber secure option? Go with a passphrase instead of a password.

A passphrase is a mix of random words that only you would think to combine. Ideally, each passphrase would be at least four words and at least 15 characters long.

One way to do this is to look around and create a passphrase out of the first four words you see. If you were trying to create a passphrase at a coffee shop, for example, you might end up with the following words:

  • Mug
  • Book
  • Laptop
  • Phone

The resulting passphrase is entirely unique to you – it would be next to impossible for anyone else to guess it.

Your password is unique to the account/device you are using

Many people, for the sake of simplicity, choose to use the same password for multiple accounts and devices. The problem is that if a cyber criminal can guess your password on one account or device (or they can get it from another means) then they can then gain access to all your accounts.

That’s why a cyber security best practice is to develop a unique password for every account. It might be harder to remember, but it’s the best way to foil any cyber criminals trying to gain access to your information.

Finding it difficult to remember all the passwords? Then consider using a password manager.

It keeps all your passwords safe in one place so you don’t have to remember all of them.

You’re using one of Get Cyber Safe’s strong password “tricks”

One of the best strategies for developing a strong password is to develop something so unique that only you would know it.

One “trick” we recommend: Think of a memorable sentence that only you would think of. For example: The Best Month For Basketball Is In June. Then capitalize certain characters and add numbers.

In the above case, you might end up with the following: TbmfBiiJ2733

There! You’ve got a unique password that only you could remember.

You haven’t shared your password with anyone

This last one is pretty straightforward, but it is also perhaps one of the most important.

Never, ever, ever, ever, EVER share your password with anyone. Not your friends. Not your teacher. Not even with your family members.



We use passwords for almost everything we do online.
From checking our emails and bank accounts to catching up with friends on social media.
Our passwords protect the things that are important to us, like our data, our money, our privacy, and even our identities.

To make things easier for ourselves, we often create passwords that are simple and memorable.
But we need to be careful.
A password that’s easy to remember is probably easy to guess.
So how do you create a password you won’t forget, but a cyber threat actor can’t crack?
It is possible!


First, let’s start with what to avoid.
A strong password shouldn’t include any personal information, like names of family members or pets, addresses, phone numbers, song lyrics, or birthdays.
You should also avoid easily guessed passwords like “password” or “1234”.


And to make a password really hard to guess,
you shouldn’t use a password at all!
Instead, try a passphrase — a mix of random words.
It should be at least 4 words, and 15 characters long.
To come up with one, just take a look around you.
The first four objects you see could make up the four words in your passphrase.
You have a password that’s unique to you, and less likely to be cracked by cyber criminals.
Although this may seem counterintuitive, this method has been proven by researchers to be effective.

Another way to come up with a strong password is to create a series of letters that make sense to you, but would be meaningless to a potential threat actor.
First, think of a memorable sentence, for example:
Then take the first letter of each word, capitalize letters, and add numbers and special characters in a way that you’ll remember.

Not bad, right?

But having a strong password isn’t everything. You still need to keep it safe.
Always use different passwords on every account or device, and make sure you log out when you’re done.
For important accounts, like your bank or the Canada Revenue Agency, it’s critical that you use a unique password.
If like most people you have too many passwords to create a random, unique password or passphrase for every account, consider using a password manager and always use two-factor authentication.
And most importantly, never, ever share your passwords, even with family.
Keeping your passwords secure is one of the most effective ways to increase your cyber safety.


But it’s not the only step you can take.

Visit for more information and advice on all things cyber security.


How do your passwords measure up?

If your password is weak in any of the above categories, consider re-evaluating and designing new ones.

After all, your password is all that protects your information, identity and even money from cyber criminals. Make sure yours is secure.

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: