Weak passwords are still a top cause of account takeovers. Length and randomness beat clever substitutions like P@ssw0rd every time.
What makes a password strong
- At least 12–16 characters (longer for master passwords)
- Random mix of letters, numbers, and symbols
- Unique per site — never reuse across accounts
Use a password manager
Managers generate and store unique passwords so you only memorize one master passphrase. That single habit prevents cascade breaches when one site leaks credentials.
Check before you commit
Strength meters estimate guessability. They’re not perfect, but they catch dictionary words, short lengths, and common patterns instantly.
Try it instantly
Generate secure passwords with our Password Generator () and check strength with our Password Strength Checker (/tools/password-strength-checker).