Surveys show most computer users aren’t great at picking secure passwords — and that could be putting your organization at risk.

Whether it’s to lock mobile devices used for business or e-mail that contains sensitive company info, good passwords are a key to security.

Many are easy to guess, because they follow a familiar pattern — a word, plus a 1 or ! tacked on to the end because the user is prompted to include a number or other character.

Here are some tips for users to help them choose passwords that are nearly impossible to guess:

• Go beyond words — Experts recommend using something other than a common word or phrase. For example, users can choose a sentence that’s easy to remember and take the first letter from each word.
• Use more than one — A common mistake is using the same password every time, which is problematic for obvious reasons.
• Use at least 8 characters, with a mix of numbers and upper- and lowercase letters — When a password’s only made up of five letters, there are 11.9 million possible combination. Sound pretty safe? Not when you consider that a password with eight mixed characters has 899.2 trillion possibilities.
• Put numbers and punctuation in the middle — If an acronym is used, an easy way to do this is to use 2 in place of “to”, & in place of “and”, @ in place of “at”, etc.