A strong password isn’t necessarily a good password. More important than its strength is its uniqueness. This means that a good password must be different than any other password you use and ideally different than what anyone else uses.

The best password is a random password. And the best way to create those is by using a dedicated password manager app, like 1Password, LastPass or KeePass. These apps can create random passwords up to 64 characters long. The app remembers your passwords and fills them in automatically. And because they are designed with security in mind, you can feel pretty confident your passwords are safe.

If you decide against using a password manager (not recommended) or are trying to think of a good master password for it, here are some tips for human-created passwords:

  • Don’t use any information that is available to anyone, like birthdays, names or things like that.
  • The best passwords, being both easy to remember and hard to crack, are random words. This may sound counterintuitive but it’s true; even four randomly selected words are stronger than the passwords we usually create. However, randomness is the key factor here, which is why we bolded it three times.


If you have to (or want to) use symbols and mixed capitalization, avoid using the expected ones:

  • don’t capitalize the first letter, capitalize a random one.
  • don’t append a number at the end, add one within.
  • don’t use the usual letter symbol substitutions, like a = @ and s = $.
  • make it long—at least 16 characters long.
  • use a non-Latin alphabet and non-English words if you can.

But remember: Creating a great password and then using variations of it on different sites undoes the whole effort!
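The tips above, as an added example (not DigitalDiamonds code): four words chosen by the operating system's cryptographic random generator, one random non-first letter capitalized, and one digit inserted within the phrase rather than at the end. `SAMPLE_WORDS` and the function names are assumptions made for this sketch; the 32-word list is constructed and far too small for real use.

```python
import math
import secrets

# Constructed 32-word sample list, for demonstration only. A real list must be
# much larger: 7776 words (the Diceware list size) gives about 12.9 bits per word.
SAMPLE_WORDS = (
    "anchor basil cobalt dune ember fjord glacier harbor iris jigsaw kettle "
    "lantern meadow nickel orbit pebble quartz raven saddle timber umbra "
    "velvet walnut xenon yonder zephyr bramble cactus dolphin falcon gravel "
    "hammock"
).split()


def passphrase_entropy_bits(wordlist_size, n_words):
    """Entropy of n_words drawn uniformly and independently from the list."""
    return n_words * math.log2(wordlist_size)


def generate_passphrase(wordlist, n_words=4, min_length=16, sep="-"):
    """Pick words with the OS CSPRNG (secrets), never random.random()."""
    words = sorted(set(wordlist))
    shortest = n_words * min(map(len, words)) + (n_words - 1) * len(sep)
    if len(words) < 2 or shortest < min_length:
        raise ValueError("word list cannot guarantee the minimum length")
    return sep.join(secrets.choice(words) for _ in range(n_words))


def decorate(phrase):
    """Capitalize a random non-first letter and insert a digit within."""
    lower = [i for i, c in enumerate(phrase) if i > 0 and c.islower()]
    i = secrets.choice(lower)
    phrase = phrase[:i] + phrase[i].upper() + phrase[i + 1:]
    j = 1 + secrets.randbelow(len(phrase) - 1)  # interior position only
    return phrase[:j] + str(secrets.randbelow(10)) + phrase[j:]


if __name__ == "__main__":
    p = generate_passphrase(SAMPLE_WORDS)
    print(decorate(p))
    print(f"sample list: {passphrase_entropy_bits(len(SAMPLE_WORDS), 4):.1f} bits")
    print(f"7776 words:  {passphrase_entropy_bits(7776, 4):.1f} bits")
```

The entropy figure only holds when the words are drawn by the generator; words a person picks, or a phrase regenerated until it "looks nice", carry far less.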

Why should my DigitalDiamonds password be different than any other password?
Actually, all your passwords should be different

If your password is the same as your email or Facebook password, then whoever knows that can simply open your account and send your money to themselves. And remember: our transactions are irreversible.

Additionally, the email backup link is worthless on its own; only the password enables the link to grant access to your funds. Unfortunately, though, online services get hacked all the time, and login information stored on their servers, like emails and passwords, falls into the hands of the hackers.

We do not store any of your private information on our web servers, which is why we can’t recover your password. If our site were to get hacked, the hackers would find nothing.

The Chrome password manager conundrum
If your password falls into the wrong hands AND is the same or even similar to your Gmail password AND you don’t have 2FA enabled, it’s likely the hackers will be able to reveal all your passwords!

Google Chrome has a feature that asks if you want to save your login credentials for the various sites you visit so it can fill them in automatically. It works like a password manager, but it is not as secure, because whoever has access to your Google account can see all your passwords stored by Chrome plain as day! If your Gmail account is compromised and you’re saving all your passwords with Google Chrome, then all your online accounts are at risk.