Lock It Down: How to Use Strong Passwords and a Password Manager

October is National Cybersecurity Awareness Month, and Week 1’s focus is one of the simples and most effective ways to strengthen your security: using strong passwords and a password manager.

Why Strong Passwords Matter

Weak or reused passwords remain one of the leading causes of data breaches.

According to Verizon’s 2024 Data Breach Investigations Report, over 80% of breaches involve weak, stolen, or reused credentials.

Even worse, cybercriminals now use AI-powered cracking tools capable of guessing billions of passwords per second. That’s why experts recommend every password be at least 16 characters long.

Research from HSYS in 2025 shows it would take over 26 million years to brute-force a 16-character password made up of only lowercase letters: compared to less than a second for an 8-character one.

Recipe for a Strong Password:

  • At least 16 characters
  • A random mix of letters, numbers, and symbols
  • Unique for every account

Of course, remembering dozens of long, complex passwords isn’t realistic for most people. That’s where password managers come in.

Password Manager Mythbusters

Let’s clear up some common myths about password managers so you can use one with confidence.

Myth #1: If a password manager gets hacked, all your passwords are compromised.

 

Reality: Trusted password managers use zero-knowledge architecture, meaning even the company itself can’t access your data. When combined with multi-factor authentication (MFA), password vaults are one of the most secure tools you can use.

 

Fact: Even when a major password manager was breached in 2023, no master passwords or vault contents were exposed because of strong encryption.

Myth #2: My spreadsheet, notes app, or notebook is safer.

 

Reality: Manual methods are far riskier. Nearly 30% of users admit they store passwords in unsecured documents or physical notes. Password managers use AES-256 encryption: the same standard used by banks and governments to keep your credentials safe.

Myth #3: Password managers are expensive and hard to use.

 

Reality: Many password managers offer free versions with strong security features. Once installed as a browser extension or app, they can automatically generate and fill in passwords – making it easy to create strong, unique passwords while saving time.

Myth #4: My workplace won’t let me use one.

 

Reality: Many organizations now require password managers as part of their cybersecurity strategy. If yours doesn’t, use one personally –  it’s one of the best ways to reduce your individual risk online.

Getting Started

You don’t have to migrate everything overnight.

Start small: install a trusted password manager, then add a few accounts at a time. The software will flag weak or reused passwords and help you replace them with stronger ones.

 

Our recommended password manager settings:

  • MFA: Enabled
  • Minimum password length: 16 characters
  • Recovery codes: Saved securely (offline or in a safe)

The Bottom Line

Strong passwords are your first line of defense and password managers make it simple to stay secure.
With billions of credentials already leaked on the dark web, managing passwords safely isn’t just smart… it’s essential.

Take five minutes today to install a password manager and update your most important accounts. Your future self (and your data) will thank you.

national cybersecurity awareness month

National Cybersecurity Awareness Month

 

Onward Technologies is proud to be a National Cybersecurity Awareness Month Champion!

This October, we’re joining organizations nationwide to promote cybersecurity awareness, share best practices, and help businesses and individuals stay safe online. Cybersecurity is everyone’s responsibility — let’s work together to build a safer digital world.

Just For You: Trending Blogs

Why Nonprofits Can’t Afford to Overlook Managed IT Services

Nonprofits exist to make a difference - not to spend their limited time and resources wrestling with technology challenges. But in today’s digital-first world, IT plays a central role in nearly every nonprofit’s success. From safeguarding donor data to enabling remote...

Cybersecurity Risks for Chicagoland SMBs in 2025

Small and mid sized businesses (SMBs) in the Chicagoland area are more connected than ever - using cloud applications, remote workers, and digital payment systems to serve clients faster. But with convenience comes risk. Cybercriminals know SMBs often have limited IT...

Why Not All MSPs Are Created Equal: The Crucial Role of Security Expertise for SMBs

In today’s digital landscape, small and mid-sized businesses (SMBs) face an ever-growing range of cybersecurity threats. From ransomware to phishing and data breaches, the risks are real-and the consequences can be devastating. That’s why partnering with a Managed...

Windows 10 Support Is Ending—Is Your Business Ready?

Microsoft has officially announced that support for Windows 10 will end on October 14, 2025. While that date may seem far off, businesses that rely on Windows 10 should start planning now. Waiting until the last minute can expose your organization to serious...

Is Your Internal IT Team Stretched Too Thin? Signs It’s Time for Backup

Your internal IT team is the backbone of your business’s operations, but even the best teams can get overwhelmed. As technology environments grow more complex and security threats evolve, many companies find their IT staff struggling to keep up. So how do you know...

AI-Powered Meetings: How Microsoft Helps You Work Smarter

Meetings are a necessary part of any workplace, but let’s be honest—they can often feel like a waste of time. Between endless discussions, poor organization, and lack of clear action items, meetings can quickly become a drain on productivity. Fortunately, Microsoft’s...

Don’t Leave Your Business IT to Luck This St. Patrick’s Day

St. Patrick’s Day is a time for celebration, green attire, and perhaps a little bit of luck. But when it comes to your business’s IT and cybersecurity, luck should never be part of the equation. Hoping that your systems remain secure without proactive management is a...

Beyond Compliance: How MSSPs Help Businesses Build a Resilient Cybersecurity Strategy

Many businesses view cybersecurity compliance as a box to check: something to satisfy regulators and avoid penalties. However, compliance alone does not equate to security. Threat actors continuously evolve their tactics, and relying solely on compliance frameworks...

Why Businesses Should Be Thankful for Managed IT This Thanksgiving

As we gather around the Thanksgiving table, it’s natural to reflect on what we're grateful for. For many businesses, Managed Service Providers (MSPs) should be on that list. And this year, we took it a step further by asking our customers directly what they value most...

Spooky Cyber Threats: Protecting Your Business This Halloween

As Halloween approaches, it’s not just ghosts and ghouls that can give you a fright. In the dark corners of the web, cybercriminals are plotting their next attack - ready to sneak into vulnerable systems, steal valuable data, and leave businesses reeling from the...