Broker Check

Passwords 101: Passphrase and Replacement Method

May 04, 2021

These days with information at the tips of our fingers, your private information may find itself at the tips of someone else’s fingers. More often than not, it is a question of when and not if your information gets stolen or one of your online accounts hacked.

At the Family Wealth Decisions Group, we often recommend taking precautions to secure yourself against cyber threats, and one in particular is creating strong passwords for your online accounts.

So what makes a password strong? Generally, we encourage you to create a password that is unique to a particular online account, longer than six characters, contains no personal information, and utilizes a combination of letters (upper and lower case), numbers and characters or symbols.

However, even these recommendations leave a lot of room for error, so we have put together some potential steps that may help you to create a unique and strong password[i].

  1. Come up with a passphrase[ii]. Words that can be found in the dictionary or even familiar patterns are easier to guess than you probably think. For this reason, we would suggest that you come up with a passphrase. Then take the first letter of each word, and this will be the first level of creating a secure password[iii]. For example, if my passphrase is: I Love Oreo Cookies And Milk For Every Meal, then the base password is: ILOCAMFEM.
  2. Next change up the cases of a few of the letters[iv]. So, my base level is: ILOCAMFEM, and I decide to change it to ILOCamfEM. Changing the case of the letters adds an extra level of security as almost all accounts now have case sensitive passwords.
  3. Then, change out a few of the letters for numbers[v]. It is fairly easy to start with the letters that have numerical look-a-likes. Such as 1LOCamF3M.
  4. Lastly, you will want to add in a few special characters[vi]. Again, it is easy to start with the letters that have look-a-likes in the symbols. You can use your punctuation keys, but we also recommend throwing in a few actual symbols as they are harder to guess. Therefore working with the same example, I change out a few of my letters for symbols and now my final password is: 1!OC@mf3M.

It doesn’t look much like my original base password anymore, does it?

And while not truly random in the mathematical sense, it does give that appearance. This is a fairly strong password and unique in the sense that it does not include common dictionary words or phrases such as “Master Password,” which is still a somewhat common password, believe it or not.

This password could be improved by perhaps increasing the length of the password or by using the more complicated method of DiceWare (we’ll cover that in another blog) to create a passphrase. Briefly though, DiceWare does a fairly good job of helping you to create a mathematically random passphrase which helps to increase the strength of the password[vii].

Some additional notes on securing your online account against cyber threats:

  • Do not share your log in credentials with anybody.

  • Do not re-use the same password on multiple accounts.

  • If you have difficulty recalling your passwords, you may wish to use a secure password keeper application. This is not the be confused with the Remember My Password feature on a lot of browsers which automatically fills in your password. You will want a Password Keeper application that requires you to log in either with a finger print or another password. If you have some way of securing it, then a good old-fashioned pen and paper list kept in a secure location such as a locked drawer or personal safe will do. However, you must remember to update this list periodically as you make changes. Do not keep a list on your computer or other device[viii].

  • Avoid using passwords that have been known to have been stolen. You can use the site Have I Been Pwned? to check for this[ix].

  • As an additional layer of protection, we recommend two -factor authentication. You can opt for text message codes or preferably an app which generates a random number sequence for you to enter in whenever you try to log into one of your accounts.

Protecting yourself and your loved ones against cyber threats is an increasingly important issue as more and more of our life moves online, from email to shopping to even utilities and bills. Creating a strong password is your first defense and can do a lot to protect your online life. For more information about creating a strong password and cybersecurity, contact our office. Remember, we are here to help.


Registered associates of Family Wealth Decisions Group are registered representatives of Lincoln Financial Advisors Corp. Securities and investment advisory services offered through Lincoln Financial Advisors Corp., a broker/dealer (Member SIPC) and registered investment advisor. Insurance offered through Lincoln affiliates and other fine companies. Family Wealth Decisions Group is a marketing name for registered representatives of Lincoln Financial Advisors Corp. 




[ii] ibid

[iii] ibid

[iv] ibid

[v] ibid

[vi] ibid



[ix] ibid