How to create and secure your online passwords

Passwords are integral to our online life these days, especially with the increased use of online banking and cloud computing. It’s little wonder then, that password stealer tools and brute force dictionary attacks are big business for the cyber criminals. The number of people I know who use the same password for multiple websites is staggering.

Given most websites (and third party apps), including Facebook ask you for your full password (most banks will only ask for three characters of your password), this does leave most people open to multiple attack. Now let us take a look at how you can easily create and store secure passwords:

Creating a secure password

  • Create a long password, with a mix of upper and lower case letters along with numbers and non-alphanumeric characters – not all websites support the latter.
  • Never use password substitutions i.e. pa55wOrd.
  • In the event you cannot use non-alphanumeric characters, use a password phrase with a mixture of upper and lower case letters along with numbers.
  • Always create a different password for each website/service you register with. Database breaches are common, so make sure you only use one password with one website/service.
  • Visit: and check the strength of your password.

Use a Password Generator – a selection of my favourite utilities

  • PC Tools Password Checker – allows you to create random passwords that are highly secure and extremely difficult to crack or guess due to an optional combination of lower and upper case letters, numbers and punctuation symbols.
  • MakePassword – is useful for getting a random password for personal use or for generating large lists of default passwords.
  • Passcreator – you can even specify a word before generating a password, in order to display this word into password. The word will then be placed randomly into the password.
  • – generates passwords, but doesn’t store them – this is a very useful utility that can be used on Linux, Mac and Windows operating systems. It isn’t for novices though.
  • Strong Password Generator – use this strong password generator to generate secure, random passwords. It’s free.
  • Additionally, GRC aka Steve Gibson has a novel way of presenting very long passwords with Password Generator which are very useful for locking down wireless WEP and WPA networks.

Use a Password Manager

Password Managers store all your passwords and can also be used to automatically insert your username and password:

  • Password Safe is free and open source and is my favourite password manager utility. TIP: Store your Password Safe database file as an encrypted volume using TrueCrypt* Password Safe also allows you to generate strong passwords.

*TrueCrypt is free and open source and allows you to create encrypted volumes

We’ve all at one time or another forgotten our email account passwords, so below you will find two useful utilities from a reputable company called NirSoft that should give you piece of mind:

  • Mail PassView – use this tool and it will find your email account passwords for you. It’s also useful in highlighting how insecure your email account passwords are on your PC.
  • Password Security Scanner scans the passwords stored by popular Windows applications (Microsoft Outlook, Internet Explorer, Mozilla Firefox, and more…) and displays security information about all these passwords. It doesn’t disclose the password though.

Remember, password stealers (scripts and keyloggers) exist on compromised websites and genuine ‘hacked’ websites as well as email attachments (image or PDF files are a common attack pattern) and video files. My readers should also read more about Script Browser Blockers, which will provide you added assurance when surfing the web.

Safe surfing folks!

This entry was posted in apple, browser, facebook, google, identity theft: identity fraud, privacy and tagged . Bookmark the permalink.

4 Responses to How to create and secure your online passwords

  1. Shane says:


    I normally use a website for when I need to generate bulk passwords for my clients. It allows you to copy and paste into an Excel document easily.

  2. nancy says:


    I have had an issue recently with my account, someone has managed to get into my facebook account and trying to do some activities…please can you advise how could you identify who has has the access and from which country this access were made? I have changed my password but they still managed to login into it and continue doing the activities…

    I am a bit stressed with the whole situation and it will be really helful if you can find the country where this access was made?

    Thank you very much Nancy

    • Julian says:

      #Nancy# You might have a rogue keylogger installed on your system. I suggest you run an antivirus scan. If that doesn’t find anything please ping me.

  3. nancy says:

    Hello Julian,

    I have run an antivirus scan but it did not find anything…please can you check as I am a bit worried that they managed to get into the system

    Thank you

Leave a Reply

Your email address will not be published. Required fields are marked *