What Makes a Password Strong?

How to Create a Really Strong Password That Nobody Can Hack?

The diversity of requirements

Guess what’s the worst in passwords? No, not the creation process, but the requirement towards its complexity! Irritating, right?

How justified are the existing password requirements?

But let’s be honest — it is all for a reason! Just take a look at the Cyberthreat real-time map by Kaspersky Lab. Hackers don’t sleep!

So the length and quality of characters do matter!

Another issue is how different is your password from those that other people create. A research made by Keeper has identified the top 25 most common passwords. Make sure yours is different from any of these ones:


Why doesn’t it work?

All the other requirements are controversial according to some opinions.

  • not working: people still tend to create the passwords they like
  • repelling users: people become irritated and simply turn away
  • often confusing: the set of rules is incomplete and requires further collaboration
  • not user-friendly: long lists may ruin the impression, visual hints can rectify the situation

What’s the way out?

Developers need to improve the requirements list and make it more user focused. Here are the ideas how to deal with this challenge:

  • length check
  • uniqueness check
  • unmasked password
  • error description
  • visual hint
  • modal window


Users are the main objective. So you need to stop them in case they want to enter an insecure password that doesn’t meet the requirements. However, it has to be done not with a long list of rules, but by checking it after typing. After all, length is quite enough!



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Igor Izraylevych

Co-founder and CEO of S-PRO, Entrepreneur, Advisor & Expert in Mobility & IT Strategy. Custom solutions for enterprise and startups http://s-pro.io/