Debunking common password myths

Do you have multiple social media, work, banking, or shopping accounts online? Chances are you do, and each of these accounts requires a password to keep your information safe from unauthorized access. However, with so many different rules and requirements for passwords, it's easy to fall for some common myths. Let's debunk these myths and provide you with accurate information to keep your accounts secure.

Myth 1: Special characters and numbers alone make passwords strong.

Fact: While special characters and numbers are essential, a strong password requires more than that. Follow these best practices:

  1. Use a unique password for each app/account. Avoid reusing passwords.
  2. Ensure each password has at least 12 characters, combining alphanumeric, special, uppercase, and lowercase characters.
  3. The longer the password, the better.

Myth 2: Password complexity matters more than length.

Fact: Longer passwords tend to be more secure than shorter, complex ones. For instance, a 19-character password without complexity is stronger than an 8-character password with complexity. So, aim for longer passwords with a mix of complexity.
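The comparison in Myth 2 can be checked by estimating the exhaustive search space of each password. This is an added example, not part of the original article; the two sample passwords are constructed, and the estimate is an upper bound that assumes characters were chosen at random.

```python
import math
import string

# Printable-ASCII character classes an attacker has to cover.
CLASSES = {
    "lower": set(string.ascii_lowercase),   # 26 symbols
    "upper": set(string.ascii_uppercase),   # 26 symbols
    "digit": set(string.digits),            # 10 symbols
    "special": set(string.punctuation),     # 32 symbols
}
KNOWN = set().union(*CLASSES.values())


def alphabet_size(password: str) -> int:
    """Smallest alphabet that contains every character of the password."""
    used = set(password)
    size = sum(len(chars) for chars in CLASSES.values() if chars & used)
    # Characters outside the four classes (space, non-ASCII) count individually.
    return size + len(used - KNOWN)


def brute_force_bits(password: str) -> float:
    """log2 of the search space: length * log2(alphabet size).

    Upper bound only: dictionary words, keyboard patterns and reused
    passwords are found far sooner than exhaustive search suggests.
    """
    if not password:
        return 0.0
    return len(password) * math.log2(alphabet_size(password))


# Constructed samples matching the article's comparison.
LONG_SIMPLE = "quietriverlampstone"   # 19 characters, lowercase only
SHORT_COMPLEX = "T7#qLp9!"            # 8 characters, all four classes

if __name__ == "__main__":
    for pw in (LONG_SIMPLE, SHORT_COMPLEX):
        print(f"{len(pw):2d} chars, alphabet {alphabet_size(pw):2d}: "
              f"{brute_force_bits(pw):.1f} bits")
```

Each extra character multiplies the search space by the alphabet size, while adding a character class only enlarges the base, which is why length dominates.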

Myth 3: Frequent password resets make password strength irrelevant.

Fact: Weak passwords are still vulnerable, regardless of how often you reset them. Always prioritize using long, complex passwords for added security.

Myth 4: Unimportant accounts don't need strong passwords.

Fact: Even for "unimportant" accounts, using weak passwords is risky. If they get compromised, attackers can exploit the personal information you provided for social engineering attacks.

Myth 5: Password manager apps are unsafe.

Fact: Reputable password managers are safe to use. A good password management app will even make it easier for you to meet complicated password rules and frequent password changes.

Myth 6: Writing down passwords is unsafe.

Fact: While you should be cautious, it's safer to jot down passwords on paper than to store them digitally. Just make sure to keep the paper secure and away from prying eyes.

Myth 7: Using one complex password for all accounts is enough.

Fact: Having a single password for all accounts is risky, as a determined attacker could gain access to all your accounts. If one account is compromised, all of your other accounts will be at risk of being compromised too. It's better to use unique, long, and complex passwords for each account, changing them regularly.

By understanding the truth about passwords and following these guidelines, you can protect your online accounts and personal information from cybercriminals. If you need assistance in creating strong passwords or setting up a password manager, our security experts at Fidelis are here to help. Contact us today to learn more and ensure the long-term protection of your accounts and sensitive information.

