How Hackable is Your Password?

While information security can be a challenge for nonprofits in general (e.g., lack of resources, lack of knowledge, lack of in-house technology staff, etc.) – there is one simple thing that everyone working at a nonprofit can do to improve security:


Most of us have either made or heard the usual excuse (“That’s too hard, I’ll never remember it!”) and some of us even use the same weak password for multiple accounts. Even if your face is turning beet red right now with shame, keep reading…it might save your life someday.

But…I’m not a target for hackers

If you are reading this and thinking “oh, why would anyone want to hack my stuff?” – consider that hackers don’t actively sit there at their computers and look for attractive targets. Hackers use software apps that let them scan hundreds or thousands of sites and accounts automatically, looking for flaws and ways into a system. They also have apps that let them try “brute force” attacks, which essentially means trying password after password (computer generated as well) until something works.

What’s a “strong” password these days?

A strong password contains a combination of letters, numbers and special characters like @, #, %. However, that’s not enough. The length of your password also makes a difference:

Amount of time to crack passwords

How are you feeling about your password strength now?

Other ways to improve password strength

Some of these may be obvious, but they are worth repeating here because, after all of the news we hear about hacking and compromised accounts, many people are still kinda lazy about passwords.

  • Don’t use a common word or a dictionary word. You can use a phrase, but even then you’ll want to mix it up a bit.
  • Use 2-step verification if it’s an option. Yes, 2-step verification is a pain in the behind that gets no love from anybody. It sure beats all the work you have to do to clean up identity theft though.
  • Change your password regularly. If you are the person responsible for your nonprofit’s technology, set password policies that enforce regular password changes.
  • Don’t give your password to anyone else. Regardless of the situation or need.

As a final thought, here’s a great infographic on creating strong passwords:

Creating strong passwords