← All guides
Safety guide

How to make a good password and why a password manager is worth it

Passwords you no longer have to remember — and that's a good thing

A good password protects you from nothing if it’s easy to guess or if you use it everywhere. The good news: the rules are simple and don’t ask you to remember complicated things.

A good password is long, not complicated

Forget “P@ssw0rd!”, hard to remember and, in fact, not very safe. Better a long phrase of a few unrelated words: table-green-cat-train. It’s much harder to crack and, oddly, easier to remember.

The most important rule: don’t reuse a password

If you use the same password everywhere, it only has to leak once (from a data breach at one site) to put all your accounts at risk. That’s why every important account deserves a different password.

How do you remember them all? You don’t — a manager does

A password manager is an app that keeps all your passwords in a kind of safe, securely, and fills them in by itself when you log in. You remember just one password, the main one. Examples: Bitwarden, or the one built into your browser or phone.

Add the “second step” too

Even the best password is safer with a second step at login. If you haven’t turned it on yet, see the guide about it — it’s the most important thing you can do for your accounts.

In short

  1. Make passwords long (a phrase of a few words), not necessarily complicated.
  2. Don't reuse the same password on more than one account.
  3. Use a password manager so you don't have to remember them all.
  4. Also turn on the “second step” (2FA) for your important accounts.
Already happened? My account was hacked or locked. What do I do? See what to do →

Sources

Last reviewed: . Spotted something outdated? Tell us.