Did you know that the most popular password in 2018 was “123456”? Or that the second most popular was “password”? Third place was “123456789” and fourth place was “12345678.”

Talk about making things easier for hackers! Let’s take a look at what the best length is for passwords, then whether you really need to worry about having a complex password or not.

What is the best password length?

There’s no magic length that makes a password more secure. But as a rule of thumb, extremely short passwords are not a good idea.

Specifically, the guidelines from the United States National Institute for Standards and Technology (NIST) recommend a minimum length of 8 characters. They also recommend that online portals allow at least 64 characters for the maximum limit.

So if you’ve been using a password shorter than that, it’s time to update your password to be longer.

Password length vs. complexity

IT professionals have been advising people for years to create secure passwords. If you’ve ever found yourself struggling to find yet another special character you’ll remember, you’re not alone. That’s one reason why password managers have become so popular.

But does your password really need to be that complex? Or can you simply make it longer?

As it turns out, a longer password with simple english words is just as secure as a short password with special characters. Maybe even more secure!

The NIST now recommends you keep your password simple but long. No longer do you need to insert a bunch of special characters in your password, making it harder to remember.

Of course, it can still be beneficial to use a password manager. But combine that with longer passwords for better security over short, complex passwords.