LochStudios  /  Help Centre  /  Security  /  Create strong passwords and use a password manager

Create strong passwords and use a password manager

Learn how to create passwords that are hard to crack and store them safely using a password manager.

Updated

Weak passwords are one of the easiest ways for attackers to access your website and accounts. A strong password combined with a password manager keeps your credentials secure without the burden of memorizing them.

What makes a password strong?

A strong password has:

  • At least 16 characters (longer is better)
  • A mix of character types: uppercase letters, lowercase letters, numbers, and symbols (!@#$%^&*)
  • No dictionary words or common patterns like "password123"
  • No personal information (your name, birth date, or company name)
  • Uniqueness: each account gets its own password

Examples of weak vs. strong passwords

| Weak | Strong |
|------|--------|
| password | 7mK#9Lx$2nQvWp@Rt! |
| myname2024 | Fj4@nBx9Kq!sYm2Lv$ |
| admin123 | Gz8$Pw2@Yc!kTd5Rx9 |

Why password managers are essential

A password manager:

  • Generates strong passwords for you (no more guessing or reusing weak ones)
  • Stores them encrypted so you only remember one master password
  • Auto-fills logins on websites and apps, saving time and reducing typing errors
  • Alerts you if a password has been leaked in a data breach

You only need to remember your master password—make it strong and write it down in a secure place (a physical safe, not a sticky note).

Using a password manager

  1. Choose a reputable password manager – Examples include Bitwarden, 1Password, Dashlane, or KeePass (open-source)
  2. Install the app and browser extension on your devices
  3. Create a strong master password – This is the key to everything; don't skip this step
  4. Generate a new password when creating or updating account passwords
  5. Store login details – The manager captures your username, password, and URL automatically
  6. Sync across devices – Log in from your phone, tablet, or computer using the same manager

Best practices

  • Never reuse passwords – If one site is breached, attackers can try that password on other accounts
  • Update weak passwords gradually – Focus on high-value accounts first (email, billing, hosting panel)
  • Use two-factor authentication (2FA) with your password manager (covered separately) for extra protection
  • Keep your master password safe – If someone guesses or steals your master password, they access everything
  • Enable multi-device syncing securely – Ensure your password manager offers encrypted cloud sync if you use multiple devices

For your hosting account

Your web hosting control panel password is critical. Use a unique, strong password generated by your password manager. Many hosting providers also support two-factor authentication—enable it for this account in particular.

With a strong password and a password manager, you've eliminated the most common attack vector against your online accounts.


Was this article helpful?

← Back to Security