Tips for Building Strong Passwords

April 4, 2017

Passwords are critical gateways to your company’s databases and networks. But they’re also potential open doors for hackers. Up there with “password” and “qwerty” in the Hack Me Hall of Fame are passwords that are short common terms like team names, dog breeds, dates and other easy-to-guess options. They’re risky on two fronts, according to the Federal Trade Commission. First, an up-to-no-good insider will take one look at the screensaver of an employee's adorable sheepdog Ralphie and immediately try “sheepdog” and “Ralphie.” Second, common words are particularly susceptible to dictionary attacks, the tech equivalent of the million monkeys at a million typewriters that systematically try every conceivable word until they hit pay dirt. When creating passwords, remind your employees to skip those obvious choices. This is one time when good spelling can lead to bad results.

Longer passwords are better, of course, but they can be harder to remember. So how can businesses balance security and practicality? The FTC suggests considering the passphrase as an alternative. Hackers aren’t likely to guess a nonsense word like “iwtraranaped,” but the guy in the next office who plays in a Kiss cover band on weekends will instantly remember “I want to rock and roll all night and party every day.” Careful companies layer in mandatory numbers, symbols, or cases, making “iW2r+ran+ped!” an even stronger option. If your business requires employees to change passwords periodically, the Ace Frehley wannabe can simply move on to the next line of the song.

Here are some tips on building strong passwords.

A Strong Password Should:

  • be at least 8 characters in length
  • contain both upper and lowercase alphabetic characters (e.g. A-Z, a-z)
  • have at least one numerical characters (e.g. 0-9)
  • have at least one special character (e.g. ~ ! @ # $ % ^ & * ( ) - _ + =)

A Strong Password Should Not:

  • spell a word or series of words that can be found in a standard dictionary
  • spell a word with a number added to the beginning and/or the end
  • be based on any personal information such as family name, pet, birthday, etc.
  • be based on a keyboard pattern (e.g. qwerty) or duplicate characters (e.g. aabbccdd)

The following are vital suggestions for using passwords

  • Do not share your password with anyone for any reason.
  • Change your passwords periodically—at least every three months.
  • Do not write your password down or store in an insecure manner. Never store a password in an unencrypted electronic file or use the "save my password" feature on websites for important passwords.
  • Do not use automatic logon functionality on websites or devices.
  • Avoid reusing a password.
  • Avoid using the same password for multiple accounts or sites.
  • If you have an in-home Internet router, change the default password. Each router has a basic default username and password combination. This makes it easier for hackers to break into your network.


Contact ALTA at 202-296-3671 or communications@alta.org.

SoftPro is the nation's leading provider of real estate closing and title insurance software. With more than 14,000 customer sites and over 60,000 users nationwide, this award-winning software offers a suite of products designed to increase your volume and revenue by reducing the time it takes to do closings. SoftPro has been recognized by the American Business Awards every year since 2007 - winning awards for Superior Customer Service, Support and Product Development. North American Title Insurance Company (NATIC) is a seasoned title insurance underwriter, helping title agents to achieve their individual business goals for more than 50 years. Today, the company conducts real estate settlement services in 39 states and the District of Columbia through a network of experienced, independent agents.