Russia Advises Citizens to Use 12-Character Passwords in 2026
Authorities say strong passwords should contain at least 12 characters and exclude personal information.
Russia’s Interior Ministry has outlined recommendations for protecting digital accounts with secure passwords. While biometric authentication remains the most robust safeguard, it is not always available. In such cases, users should create a unique code of at least 12 characters, combining upper- and lower-case letters, numbers and symbols.
According to the ministry, attackers typically deploy software that runs through large volumes of possible combinations to crack passwords. The longer the code, the lower the probability that such programs will successfully guess it.
Officials also advise against including personal details in passwords, such as important dates, names or even pet nicknames. These combinations are more vulnerable. Random, unconventional strings of characters offer stronger protection.
Do Not Share Credentials
Users should carefully verify the website where they enter their password. Fraudsters often create phishing pages designed to harvest sensitive information. Authorities recommend checking URLs closely and avoiding suspicious links.
The ministry also warns against reusing the same password across multiple services. If one account is compromised, others become vulnerable. Two-factor authentication provides an additional layer of protection, requiring a one-time SMS code in addition to the password. Under no circumstances should users disclose such codes over the phone, officials said, noting that law enforcement agencies do not request this information.
