Generate good strong passwords

Generate a good strong password

Security guidelines and tips What is 2FA?

Why should I use a long and random password?

Because these days, computing power is actively used to 'guess' your password. Some computers try many times and will 'crack' your password eventually. Some computers (or humans) will try and guess your password based on things you might choose, or use passwords obtained from hacks or data-leaks at different websites.
In all cases; it is wise to use a password only once! And make that password very hard to guess! The best password is one that has nothing to do with you. So a 'random' password (a password that consists of random letters, numbers and symbols) is very hard to crack.

What is a good password?

A good password is at minimum 12 characters long and consists of random characters. Preferably a combination of letters, numbers and symbols. Such a password is very hard to 'crack'. A good and strong password is impossible to guess and should have no relation to you as a person.

Can I use these passwords everywhere?

Yes, everywhere! But preferably only use them once! So for each website or system that requires a password, generate a unique / new one. This will keep your data safest.
If, God forbid, your password leaks (data breach in that system), then all your other websites and systems won't also be compromised.

Do you know or store my password?

No, the passwords you generate here are actually generated on your own device. We have no idea which passwords you generate or what you use them for. So they're 100% safe and secure to use!
We do recommend creating long passwords with many different characters though. An easy to guess password is often a bad password!

Where do I keep / store my password?

Either use the native password-manager in your browser (the popup you see, asking you to save the password when you entered it), or use Bitwarden, Lastpass or 1password. These are password managers and will keep your passwords (relatively) safe. We say relatively, because these password managers can, theoretically, also get compromised.
If you choose to write down your password, please keep it safe and don't give others access to it. It's probably best not to store passwords in digital files on your computer.

How to create a good password

You can can create a good password here on good-password.com! Just use the form at the top to create as many passwords as you need. They are safe and secure as long as you make it enough characters. Try to never use sensitive data inside your passwords, or verbs / words that others can guess. Keep it totally random, that's usually best.

Where can I create a good password?

You can use this website! Good-password.com will form a password for you that is secure and incredibly hard to crack, if at all possible. Do keep in mind that you use enough random characters such as lowercase, uppercase, numbers and symbols. The longer, the better! So use at least 12 characters but don't be affraid to use even more.

Security guidelines and tips

  1. Do not share your password with anyone else. Do not ever send your password by email, text or other digital means.
  2. Do not use family names, pet names, birthdays, phonenumbers, emailaddresses or zipcodes in / as passwords!
  3. Try not to leave your computer unattended and unlocked. Because of 'autofill' possibilities and ways to 'display that password' while it's autofilled, others might be able to simply look up your password on your computer.
  4. Always set a password on your device, and lock / logout automatically after a number of seconds or minutes. Make it so nobody can access your phone / device without you knowing about it.
  5. Don't log into important services on devices that are not yours. Especially computers in public spaces such as internet cafes or hotel lobbies. Logging in while on a public / unknown wifi-network is also tricky and unadvised.
  6. Always log in at important services by manually visiting those. Either by typing in their URL or visiting them from a bookmark you made. Do not visit them by clicking a link somewhere (email or otherwise). Make very sure that you are where you think you are. Doublecheck the URL in the addressbar.
  7. Even after having used a strong password; also use 2FA (Two Factor Authentication), when possible! This is an important one and makes any account multitudes more secure.
  8. Never click on links, and especially not files if you do not know very certain what they are. It's better to try and identify and verify where a link, email or file came from before trying to open it.
  9. Keep your operating system (like Windows or MacOS) up to date. Make sure you have the latest patches of that operating system. Preferably also keep your software up to date, but only through the official channels.
  10. Regularly scan your computer for virusses and malware with antivirus / antimalware programs and/or the built in virusdetection of your operating system (such as Windows Defender).
  11. Try and use different emailaddresses. If you only use one, and that emailaddress gets compromised / hacked, you'll be hardpressed to try and recover access to services. Also; people who have hacked that one emailaddress now have access to any and all of your other systems. They can probably use the 'forgot password method' at those systems and get emailed a new one.
  12. When you need to reset a password, use the official website for it. Do not click a link in an email to start this process. Go to the website, and request a reset manually there. Any followup email you receive (from that organization) within the next few seconds is highly likely trustworthy.
  13. If you really want to save your passwords on your device, put them into a file and encrypt / lock that file with a master password (generated here of course :)). You can encrypt files with services like BitLocker or 7-Zip.

What is Two Factor Authentication?

Two Factor Authentication (2FA) is a way to validate that the user siging in - is actually the person who is allowed to sign in. This is done through a secondary means of 'proving you are you'. So besides your usual password, you (often) also need to enter a code you receive through SMS text message. Or you need to use a code generated by a 2FA-app such as the Google Authenticator. By using this secondary means of logging in, it becomes a lot harder to compromise someones account, because you'd need access to at least 2 seperate systems. Firstly the password, and secondly the mobile phone / device of this person.