Best Practices with the AWC Password Generator: Settings & Strategies

1. Choose the right length

  • Minimum: 12 characters for regular accounts.
  • Recommended: 16+ characters for sensitive accounts (banking, email, work).

2. Use a mix of character types

  • Include: uppercase, lowercase, numbers, and symbols.
  • Tip: Avoid predictable substitutions (e.g., “P@ssw0rd” patterns).

3. Prefer true randomness over patterns

  • Disable any “pronounceable” or “memorable” modes if maximum entropy is required.
  • Enable fully-random mode for high-value accounts.

4. Customize per-site entropy

  • Longer for critical: increase length and symbol count for high-value services.
  • Shorter for low-risk: acceptable for throwaway accounts or temporary services.

5. Avoid reuse and use unique passwords

  • Every account gets a unique password. Reuse dramatically increases breach risk.

6. Integrate with a password manager

  • Save generated passwords directly into a password manager (secure vault).
  • Auto-fill minimizes copy/paste exposure and phishing risk.

7. Use passphrases when appropriate

  • When memorability matters, use 4–6 random words (ideally with separators and added symbols/numbers).
  • Combine passphrases with generator output for hybrid strategies.

8. Adjust symbol sets wisely

  • Check service rules—some sites disallow certain symbols; exclude those characters when needed.
  • Prefer a broader set when allowed to maximize entropy.

9. Periodically rotate high-value passwords

  • Rotate every 1–2 years or immediately after a breach.
  • Use rotation selectively—don’t change passwords unnecessarily, as frequent changes can reduce security if done poorly.

10. Secure generation environment

  • Generate passwords on trusted devices and networks.
  • Avoid public/shared computers and untrusted browsers or extensions.

11. Protect generated output

  • Use clipboard managers that clear the clipboard after a short interval or avoid clipboard use entirely.
  • Do not store passwords in plain text files or notes.

12. Enable multi-factor authentication (MFA)

  • Always enable MFA where available—strong passwords + MFA provide layered security.

Quick Settings Cheat-sheet

  • Mode: fully-random
  • Length: 16+ (critical accounts 20+)
  • Characters: uppercase, lowercase, numbers, symbols
  • Exclusions: service-restricted symbols only
  • Storage: trusted password manager
  • Additional: enable MFA
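
To see what the length, exclusion and passphrase settings above are worth in bits, the following added example (not the AWC generator's own code) draws a fully-random password from the OS CSPRNG and compares entropy across the page's lengths and a 4–6 word passphrase. The symbol set, the excluded characters and the 7776-word list size are assumptions made for illustration.

```python
import math
import secrets
import string

# Constructed symbol set for illustration; not the generator's actual list.
SYMBOLS = "!@#$%^&*()-_=+[]{};:,.?/"

def build_classes(exclude=""):
    """Character classes with any service-restricted characters removed."""
    classes = [string.ascii_uppercase, string.ascii_lowercase, string.digits, SYMBOLS]
    kept = ["".join(ch for ch in cls if ch not in exclude) for cls in classes]
    return [cls for cls in kept if cls]

def entropy_bits(pool_size, length):
    """Entropy of `length` independent, uniform draws from `pool_size` symbols."""
    return length * math.log2(pool_size)

def passphrase_bits(words, wordlist_size=7776):
    """Entropy of uniformly chosen words; 7776 is an assumed diceware-sized list."""
    return words * math.log2(wordlist_size)

def generate(length=16, exclude=""):
    """Fully-random password from the OS CSPRNG, redrawn until every class appears."""
    classes = build_classes(exclude)
    if length < len(classes):
        raise ValueError("length is too short to include every character class")
    pool = "".join(classes)
    while True:
        candidate = "".join(secrets.choice(pool) for _ in range(length))
        # Requiring every class discards a few outcomes, so real entropy is
        # marginally below entropy_bits(); the figure is an upper bound.
        if all(any(ch in cls for ch in candidate) for cls in classes):
            return candidate

def report(exclude=""):
    """Entropy for the page's lengths (12, 16, 20) and 4-6 word passphrases."""
    pool_size = sum(len(cls) for cls in build_classes(exclude))
    rows = {f"{n} chars": entropy_bits(pool_size, n) for n in (12, 16, 20)}
    rows.update({f"{w} words": passphrase_bits(w) for w in (4, 5, 6)})
    return pool_size, rows

if __name__ == "__main__":
    for excluded in ("", "[]{};:"):  # second case: a site that rejects these symbols
        size, rows = report(excluded)
        print(f"excluded={excluded!r} pool={size}")
        for label, bits in rows.items():
            print(f"  {label:>8}: {bits:5.1f} bits")
    print("sample:", generate(20, exclude="[]{};:"))
```

Excluding six symbols costs well under one bit per 16 characters, while each added character adds more than six bits, so length matters far more than the exact symbol set.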
