Quiz Entry - updated: 2026.06.24
What are the key rules for a strong password?
Make it long (≥12 chars), mixed, meaningless, and unique per service — and never store it in plaintext.
The rule set:
- At least 12 characters
- Mix digits, upper- and lowercase letters, and special characters
- No keyboard runs like
asdfghor45678 - No real word of any language — it shouldn't "make sense" (defeats dictionary attacks)
- One password per service — never the same everywhere
- Never store it unencrypted
- Change it immediately if you suspect it's compromised
Why "meaningless" and "long": dictionary and rule-based attacks try real words and common mutations first. A long, structureless secret pushes you out of those fast wordlists and into brute-force territory, where length explodes the search space.
Tip: A long random passphrase of unrelated words satisfies "long + meaningless" while staying memorable — and a password manager removes the need to remember any of them.