Of the many ways to secure information, the username and password method is easy to use and can be added to many other security methods. The system only works if the password isn't too easy to guess but not so hard that the user can't remember what the password is. If you don't know how to make a good, safe password--or don't know what makes a password bad in the first place--here's some information on password policy to get you closer to safe and easy security.
How Can A Password Be Bad?
Passwords are bad when they're easy to guess, but if you're not a computer expert, it's hard to know what a hacker or even novice computer thief considers easy. First, you need to understand a few ways that passwords are stolen.
The easiest passwords are cracked by using brute force dictionary attacks. Brute force means that the hacker or an automated program simply tries something repeatedly to see what works. They're not "hacking" in the sense that they're typing in code to exploit some flaws in the system. They're just trying every word in the dictionary--plus a few combinations--to see what works.
This means that if your password is a simple word, such as apple, tree, apple1, tree1, Apple1, or Tree1 (since case or capitalization is considered typing a different letter), it will be easier for attackers to get into your account. This is why many websites and systems block you from using dictionary words, short passwords, or letters involved in personal information such as your name or street address.
Another issue is using a password that you've used before. If your password or a site you've used has been compromised in the past, using the password again makes it easier for hackers to try again. Hackers have automated programs that can simply try websites that have been hacked again with past successful passwords. It's nothing personal against you; hackers just know that people reuse passwords and can make automated systems to poll thousands of websites per day without personal interaction.
What Makes A Good Password?
There are many theories about good passwords. Once, adding lots of complex letters and numbers was considered complex. Unfortunately, it's hard for humans to memorize random strings of text, so while it's harder for a hacker to brute force their way through a complex password, it's also harder for you to remember the password.
For people who memorize passwords, creating a system is better. Instead of using one dictionary word, using multiple words and then changing those words can create a more complex system. Three things related to your life, but otherwise unrelated can help, such as your eye color, the last thing you drank, and what you did before reading this article.
Black, Milk, Games. BlackMilkGames is harder than one word, but still risky. Bl4ckMilkG4ames is even better, and memorable because the only difference is changing the A's in each word to 4's--a reference to the old internet culture of 1337 speak that has made its way into mainstream culture without most people knowing. A popular comic called xkcd even has a few panels about the method.
If memorization isn't your thing, a password manager can create hard-to-guess passwords for each of your sites while you use one master password. Even if your password manager is hacked, the sites are safe as you recover. Contact a password security professional to get more info about different password methods--including ways to use multiple methods. Go to websites of password manager companies to learn more.