Written by Glenn Wilson, Senior Field Engineer for Data Network Group.

Whether it’s a few PCs or hundreds on your network, there’s one thing that can separate your system from being compromised: a great password.

Why? Hackers want access to anything and everything. If they can guess your user name and password, you might as well have given them your wallet and the keys to your building. Here are some tips on creating a great password.

1) Don’t Be Complacent!

Hackers are a devious bunch and will stop at nothing to get into your network and files. They use three different methods to get to you: brute force, dictionary attacks, and social engineering. Brute force is the most time-consuming method. Basically, it involves a program that tries every combination of letters, numbers, and keyboard characters to guess your password. It starts by trying every single character, then every two-character combination, and so on. The difficulty of cracking a password grows exponentially with its length. Another method of attack uses custom dictionaries. These dictionaries are filled with words and names, but also number and letter combinations, such as 11111 and abc123. Simple passwords such as “duke” or “ilovemydog” can easily be guessed. The third and most effective method of attack is social engineering. This involves someone with criminal intent soliciting a password directly from a user. Many people divulge their passwords to co-workers and strangers without even realizing it.

2) Know What Makes a Bad Password

  • Don’t use only letters or only numbers.
  • Don’t use names of spouses, children, girlfriends/boyfriends or pets.
  • Don’t use phone numbers, Social Security numbers or birthdates.
  • Don’t use the same word as your log-in, or any variation of it.
  • Don’t use any word that can be found in the dictionary — even foreign words.
  • Don’t use passwords with double letters or numbers.

Some of the worst passwords are: password, drowssap, admin, 123456, and the name of your company or department. Finally, never leave it blank. That’s a surefire way to let the bad guys into your system.

3) Get Better at Creating Good Passwords

A good password is one that is easy to remember but difficult to guess. That sounds like a paradox, but it’s really not.

There are a couple of different ways to create difficult-to-crack passwords. One is to replace letters with keyboard characters and numbers. To make it easier on yourself, try to use numbers and characters that resemble the letters they are replacing.

Another method is to use the first letters of the words in a favorite line of poetry or a verse of song. “Hail, hail the lucky ones, I refer to those in love” becomes “H,hTL0,IR2t1L.”

The best passwords are at least eight characters in length and use a combination of numbers, keyboard characters and upper- and lower-case letters. The longer your password is, the longer it will take someone (or more likely, some program) to crack it.
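The rules from sections 2 and 3 can be written as a checker that reports which ones a candidate password breaks. This is an added example, not code from the article or its author; the function name `check_password`, the `personal` parameter and the small word list are assumptions constructed for illustration.

```python
import re

# Constructed sample data: the article's "worst passwords" plus its dictionary
# examples. A real deployment would load a full wordlist (assumption).
WORDLIST = {"password", "admin", "123456", "11111", "abc123", "duke", "ilovemydog"}
CLASSES = {"lower-case letter": r"[a-z]", "upper-case letter": r"[A-Z]",
           "number": r"[0-9]", "keyboard character": r"[^A-Za-z0-9]"}


def check_password(password, login="", personal=()):
    """Return the article's rules that `password` breaks (empty list = pass).

    `personal` holds strings the user should avoid: names of family or pets,
    phone numbers, birthdates, company or department names.
    """
    if not password:
        return ["blank password"]
    problems = []
    low = password.lower()

    if len(password) < 8:
        problems.append("shorter than eight characters")
    if password.isalpha() or password.isdigit():
        problems.append("only letters or only numbers")
    missing = [name for name, rx in CLASSES.items() if not re.search(rx, password)]
    if missing:
        problems.append("missing: " + ", ".join(missing))
    if re.search(r"(.)\1", low):
        problems.append("double letters or numbers")

    # Log-in name or a simple variation of it (embedded or reversed).
    user = login.lower()
    if user and (user in low or user[::-1] in low):
        problems.append("contains the log-in name or a variation")

    # Personal details embedded anywhere in the password.
    if any(p and p.lower() in low for p in personal):
        problems.append("contains a personal or company detail")

    # Dictionary check on the password, its letter-only core, and both reversed
    # (catches "drowssap" and "Duke2024!").
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", low)
    forms = {low, low[::-1], core, core[::-1]} - {""}
    if forms & WORDLIST:
        problems.append("dictionary word or common password")
    return problems
```

Run at password-change time, a check like this rejects a weak choice before it is ever stored.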

4) Change Your Password Often

This one is pretty much self-explanatory. A stale password is a violated password. Changing the password every 30 days is ideal, but not always practical. I usually recommend at least a 60-day schedule, but I would advise you not to go more than 90 days.