Knowledge Base

Password Security Best Practices

Strong password management is essential for protecting personal and organizational data. Follow these guidelines to create, store, and maintain secure passwords.

1. Use a Password Manager

2. Create Strong Passwords

When generating passwords manually, follow the 4‑C rule:

  1. Length: Minimum 12 characters (ideally 16+).
  2. Complexity: Mix upper/lowercase, numbers, and symbols.
  3. Uniqueness: Do not reuse across services.
  4. Change: Update periodically for high‑risk accounts.

3. Enable Multi‑Factor Authentication (MFA)

Whenever possible, activate MFA. Use authenticator apps (Google Authenticator, Authy) or hardware keys (YubiKey) for the strongest protection.

4. Avoid Common Pitfalls

5. Monitor for Breaches

Regularly check if your credentials have been exposed using services like Have I Been Pwned.

6. Secure Recovery Options

Keep recovery email addresses and phone numbers up to date, and protect them as carefully as your primary passwords.

7. Regular Audits

Conduct quarterly reviews of your password vault to remove inactive accounts and update weak passwords.
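
The audit above can be scripted against a vault export. The following is an added example, not part of the original article: it checks each entry against the four rules from section 2 and flags inactive accounts. The tuple layout of the export, the 90-day rotation interval and the 365-day inactivity threshold are assumptions; the sample entries are constructed.

```python
from collections import defaultdict
from datetime import date

MIN_LENGTH = 12      # from the guideline: minimum 12 characters
ROTATE_DAYS = 90     # assumption: the article only says "periodically"
INACTIVE_DAYS = 365  # assumption: the article gives no inactivity threshold

# Constructed sample export: (service, password, last changed, last used, high risk).
VAULT = [
    ("bank", "vK7#pQ2!mZ9@tL4x", date(2024, 3, 1), date(2024, 11, 20), True),
    ("email", "Winter2024", date(2024, 10, 15), date(2024, 11, 30), True),
    ("forum", "Winter2024", date(2022, 5, 1), date(2023, 6, 10), False),
    ("cloud", "gR8&wN3$yB6*hD1q", date(2024, 11, 1), date(2024, 11, 28), True),
]

CLASSES = {
    "lowercase": str.islower,
    "uppercase": str.isupper,
    "digit": str.isdigit,
    "symbol": lambda c: not c.isalnum(),
}

def missing_classes(password):
    """Character classes from the Complexity rule that the password lacks."""
    return [name for name, test in CLASSES.items() if not any(test(c) for c in password)]

def audit(vault, today):
    """Return {service: [findings]}; an empty list means the entry passes."""
    services_by_password = defaultdict(list)
    for service, pw, *_ in vault:
        services_by_password[pw].append(service)
    report = {}
    for service, pw, changed, last_used, high_risk in vault:
        findings = []
        if len(pw) < MIN_LENGTH:
            findings.append("too short")
        findings += [f"no {name}" for name in missing_classes(pw)]
        if len(services_by_password[pw]) > 1:
            findings.append("reused")
        if high_risk and (today - changed).days > ROTATE_DAYS:
            findings.append("rotation overdue")
        if (today - last_used).days > INACTIVE_DAYS:
            findings.append("inactive")
        report[service] = findings
    return report

if __name__ == "__main__":
    for service, findings in audit(VAULT, date(2024, 12, 1)).items():
        print(f"{service}: {', '.join(findings) or 'ok'}")  # never print the password
```

The report lists services and findings only, so it can be shared or filed without exposing the passwords themselves.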