Skip to main content

Top 10 Password Tips & Tricks to Protect Yourself

  |  Dashlane

When it comes to password management, common sense can sometimes be overshadowed by human nature. Despite our best intentions, we often fall into patterns that increase vulnerability to data breaches and weaken our cybersecurity. Strong password practices go a long way toward protecting personal and company info while making your passwords safer and easier to create, store, and recall. Here are our top 10 password tips and tricks to protect yourself: 

  1. Make your passwords long
  2. Avoid common phrases
  3. Don’t use personal info
  4. Use a mix of characters
  5. Never reuse passwords
  6. Store passwords in a password manager
  7. Only change your password when you need to
  8. Use 2-factor authentication
  9. Use a VPN on public WiFi
  10. Only share passwords securely

Want to make life harder for scammers?

Check out our free username generator and random password generator tools.

Think you have a strong password? Use our password strength tester tool to put it to the test!

Why is having a strong password important?

Graphic of a safe with icons inside, representing a strong password protecting one's financial information, devices, network, and personal information.

We established our list of password security tips by reviewing what can happen when passwords are weak, disorganized, or unencrypted. Among other benefits, a strong password: 

  • Protects against cybercrimes: Phishing, brute-force attacks, and other common hacking tactics share a common trait: They all rely on poor password protection to gain unauthorized access. Without the right plan and tools to maintain strong and secure passwords, you are more vulnerable to hacking and data breaches, which become more common each year.
  • Protects your personal and financial information: Most password-protected accounts you frequently use are likely directly or indirectly related to your finances. Bank and credit card accounts are obvious examples, but e-mail passwords also protect these accounts. Your email is often used for banking 2-factor authentication, and personally identifiable information (PII) can often be found in messages and attachments. 
  • Protects your devices: Along with protecting important accounts, strong passwords also protect the devices that house them. Mobile devices are prone to loss or theft. Screen locks and authenticator apps can minimize unauthorized access, but following strong password tips helps to prevent personal e-mail addresses and bank accounts from being compromised or devices from being wiped and resold.
  • Protects your network: Strong passwords protect your own devices and personal information, and they can also help protect those you interact with at home or work. Information and conversations shared over communication platforms and e-mails can be compromised during a data breach, leaving your family and friends potentially impacted. In the workplace, valuable intellectual property (IP) and customer data can be exposed if your password is stolen, which can lead to huge financial and brand reputation repercussions for your employer.
  • Makes password changes less necessary: Frequent password changes and 30/60/90-day reset intervals are often used by companies with the intention of improving password security for employees. Unfortunately, many of us don’t know how to think of a good password on our own and might create a weaker password in our haste to beat the reset deadline. Our tips for creating a strong password can make these regular updates unnecessary.
  • Prevents your information from ending up on the dark web: The dark web is a term used to describe hidden recesses of the internet where compromised information is exposed or sold. Poor password protection leaves you vulnerable to hacks and scams to obtain personal information such as phone numbers, addresses, payment information, and social security numbers. Dashlane’s Dark Web Monitoring service continually scans billions of records and alerts subscribers when their information is detected.
A screenshot of the Dark Web Monitoring feature in the Dashlane web app.
A screenshot of the Dark Web Monitoring feature in the Dashlane web app.

10 password tips and tricks to protect yourself

Our top 10 password tips and tricks can keep your information and devices safer and might even make your computing life a little easier:

1. Make your passwords long: Increasing password length is among the most important password security tips. The logic behind longer passwords is simple—each time you add an extra character, you increase the number of possible combinations, along with the time it would take an attacker to decipher the password. Just going from 8 to 12 characters makes it nearly impossible to guess a password based on random, computer-generated combinations.

2. Avoid common phrases: What do we mean by common phrases? Dictionary words like password, monkey, dragon, and princess are among those commonly used as a password (or part of one). Not surprisingly, these simple words, along with basic patterns like abcd1234, are also easy for others to guess. Numerical passwords like 123456789 are even less secure since there are only ten available characters.

3. Don’t use personal info: Most of us are guilty of this occasionally. After all, it’s much easier to remember your parakeet’s name than some random combination of numbers and letters. Addresses and birthdays are other examples of personal information that people convert into passwords to make them easier to remember. Since this identifying information can often be found on the web, leave it out of your passwords.

4. Use a mix of characters: Using a variety of symbols in your password, including uppercase letters, lowercase letters, numbers, and special characters, is another good way to strengthen password security. Since there are no set rules for arranging the symbols, try inserting special characters and uppercase letters into the middle of the password, not just the beginning or end. But while you may think it’s clever to replace common letters with symbols, l!k3 th!$, be warned: cybercriminals are wise to this tactic, so it won’t actually slow them down any more than regular words will. 

Infographic with examples of poor passwords and further instructions on better practices when creating and managing passwords.

5. Never reuse passwords: The volume of accounts and passwords we maintain can lead us to reuse passwords to make them easier to remember. Duplicate passwords weaken cybersecurity by exposing multiple accounts if even one password is compromised. Dashlane’s Password Health score feature identifies and grades your reused, weak, and compromised passwords and provides you with recommendations to instantly improve your score.

6. Never store passwords in an unsafe place: This tip refers to unsafe physical locations as well as risky virtual locations that may not be quite as obvious. Passwords stored in desk drawers or written on sticky notes can easily be lost or fall into the wrong hands. Passwords stored electronically in spreadsheets, Slack accounts, or web browsers are also vulnerable since none of these methods typically use encryption to protect stored passwords.

The best way to store passwords at home or at work is to use a safe password manager to create and store complex, encrypted passwords on secure external servers, where they are always protected from hacks and data breaches.

7. Only change your password when you need to: Changing passwords too often can make them less secure. Why? Because too-frequent password changes might result in only minor changes to existing password(s). NIST digital identity guidelines explain that these small changes have little value since attackers can apply the same transformations. NIST recommends establishing controls to screen out weak or compromised passwords instead. Unnecessary password changes can also create hassles for IT teams, with employees in the set-forget-reset loop often locked out of their own accounts.

8. Use 2-factor authentication: 2-factor authentication (2FA) uses a second credential, such as a code sent through an app or e-mail account, to further verify user identity at login. Some 2FA and multi-factor authentication (MFA) techniques use biometric identifiers like fingerprints or facial recognition. This extra security step lands among our top password tips since it makes it nearly impossible for an intruder to access your accounts without having your device in their possession.

9. Use a VPN on public WiFi: When you log into a public WiFi network without the protection of a virtual private network (VPN), your information can be intercepted. A VPN service encrypts the data going into or out of your device and routes it through a secure portal, making it easier to protect your passwords and personal information on public WiFi networks.

Graphic of icons representing safe internet usage with the protection of a VPN, vs. the unprotected use of the internet without a VPN.

10. Only share passwords securely: Password sharing is a common practice for many retail, subscription, and workplace accounts. If anyone you have shared a password with is impacted by cybercrime, your identity and information become vulnerable as well. The best password managers include encrypted portals for password sharing that allow you to transfer private information easilyly without sacrificing privacy or increasing vulnerability to hacking.

How Dashlane protects your passwords

Dashlane’s password management solution makes it easier to follow the top password security tips. With Dashlane, you can create strong, random, and unique passwords, then store and autofill them securely. Standard features, including 2FA, password health scoring, a secure password sharing portal, and 256-bit AES encryption, take the guesswork and legwork out of password protection. Additional VPN and Dark Web Monitoring services bolster password security at home, at work, or on the road.

Over time, the growing number of accounts, password complexity, and secure storage methods have become ongoing challenges. Find out how Dashlane has reversed these trends by making secure password management convenient as well as safe in our brief history of passwords.


  1. Dashlane, “How Strong Is Your Password & Should You Change It?” August 2022.
  2. Dashlane, “What the Hack Is a Brute Force Attack?” February 2020.
  3. Statista, “Annual number of data compromises and individuals impacted in the United States,” 2022.
  4. Dashlane, “What the Hack is 2FA,” January 2020.
  5. Dashlane, “How to Shine a Light on the Dark Web,” June 2022.
  6.  Dashlane, “Sharing Passwords Through Slack Is Risky,” November 2019.
  7. Dashlane, “Always Change Your Passwords After a Breach,” March 2020.
  8. Dashlane, “10 Most Common Passwords (Is Yours on the List?)” September 2022.
  9. IEEE, “Personal Information in Passwords and Its Security Implications,” May 2017.
  10. Dashlane, “What Is a Good Password? 5 Tips for Increasing Password Strength,” November 2022.
  11. Dashlane, “How Strong Is Your Password & Should You Change It?“ August 2022.
  12. Dashlane, “How to Stop Reusing Passwords for Good,“ January 2020.
  13. Dashlane, “Understanding Your Dashlane Password Health Score,” October 2020.
  14. Dashlane, “Best Way to Store Passwords at Home or Work,” September 2022.
  15. NIST, “Digital Identity Guidelines,” June 2017.
  16. Dashlane, “A Beginner’s Guide to Two-Factor Authentication,” August 2022.
  17. Dashlane, “What Is Encryption," March 2019.
  18. Dashlane, “A Brief History of Passwords,” 2022.

Sign up to receive news and updates about Dashlane