Password Generator

What is a secure password?

1. Length: Aim for at least 16 characters.
2. Complexity: Use a combination of upper and lower case letters, numbers, and special characters.
3. Avoid common words: Don't use easily guessable dictionary words or phrases, such as "password123".
4. Avoid personal information: Don't use easily obtainable information like your birthdate, name, the names of family members, postcodes, house numbers, phone numbers, ID card numbers, social security numbers, and so on in your passwords.
5. Bonus: Don't use common passwords, whose MD5 hash value could be inside the popular "rainbow tables".

How to keep your accounts safe?

1. Use unique passwords for every account. Avoid guessable patterns like sequences (password2024, password2025...) and variants (passwordDropbox, passwordProntonMail...) You can also use distinct email addresses for important/unimportant services (or use an alias service).
2. Use a password manager so you don't have to remember them all. Examples: LastPass, 1Password, Bitwarden, KeePass. Do not store your critical passwords in the cloud though. If you save them in your Web browser, never share your session. Password managers can also help you detect and change reused or weak passwords.
3. Use Two-Factor Authentication (2FA) wherever possible, especially for important accounts. Prefer authentication apps (Google Authenticator, Authy...) or hardware tokens (YubiKey...) to SMS messages.
4. Avoid sharing your passwords. If you need to share with someone you trust, use services like One-Time Secret to send the secret. Remember to change it afterward.
5. Avoid shared computers to log into your accounts. If you do, remember to log out afterward. When connected to a public Wi-Fi hotspot: use Tor, a free VPN or a web proxy.
6. Use encrypted connections. Check that the service uses HTTPS if you send data (authentication, forms, searches, chats...)

Protect your personnal information

1. Be careful with social media. Information shared on social media can be used in social engineering attacks or to answer security questions. Adjust privacy settings and be cautious about what you share.
2. Be wary of security questions. Avoid answers that can be easily guessed or found online (if possible, provide fake answers, and store them in your password manager).
3. Beware of phishing. Don't click on links from emails or SMS messages (use your favorite search engine or bookmark frequently used websites). Always verify carefully the domain name in the URL. Never download attachments from unknown sources.
4. Avoid web tracking. Access important websites from separate profiles. Search for information and do your shopping in incognito mode.

Protect your devices

1. Prevent physical access to your device. Always lock your computer and mobile phone when you leave them, close your web browser to avoid cookie interception.
2. Don't install software / browser extensions from sources you don't fully trust. Install new software inside a virtual machine, after checking their checksum or signature. Don't open PDFs, powerpoints (especially of cute cats) or any untrusted file.
3. Keep software updated. Regularly update your operating system, browsers, and other software to ensure you have the latest security patches.
4. Install an antivirus software. You can also use a firewall to block all unnecessary incoming and outgoing connections.
5. Activate hard drive encryption, and use specialized software if you want to erase sensitive data.
6. Secure your Wi-Fi and home network. Change the default username and password of your router. Use WPA3 encryption if your router supports it; if not, WPA2 is the next best. Disable remote management features.