Skip to product menu
close
  • Recent Launches
    Press Space or Enter to display list of options
EXPLORE ALL PRODUCTS

Recent Launches

New

Payroll software with automated tax payments and filing.

Try now
New

Robotic process automation software to automate high-volume, rule-based tasks.

Try for free
New

Low-code IoT platform and solutions for connected businesses.

Try now
New

Business formation service to launch and grow your businesses.

Try now
New

Privacy-friendly application analytics solution.

Try for free

Sales

 
CRM

Comprehensive CRM platform for customer-facing teams.

CRM
 
Bigin

Simple CRM for small businesses moving from spreadsheets.

Bigin
 
Forms

Build online forms for every business need.

Forms
 
SalesIQ

Live chat app to engage and convert website visitors.

SalesIQ
 
Bookings

Appointment scheduling app for consultations with customers.

Bookings
 
Sign

Digital signature app for businesses.

Sign
 
RouteIQ

Comprehensive sales map visualization and optimal route planning solution.

RouteIQ
 
Thrive

Complete loyalty and affiliate management platform.

Thrive
 
Voice

Cloud Contact Center Software for businesses.

Voice
 
Suites
CRM Plus

Unified platform to deliver top-notch customer experience.

CRM Plus

Marketing

 
Social

All-in-one social media management software.

Social
 
Campaigns

Create, send, and track targeted email campaigns that drive sales.

Campaigns
 
Forms

Build online forms for every business need.

Forms
 
Survey

Design surveys to reach and interact with your audience.

Survey
 
Sites

Online website builder with extensive customisation options.

Sites
 
PageSense

Website conversion optimization and personalisation platform.

PageSense
 
Backstage

End-to-end event management software.

Backstage
 
Webinar

Webinar platform for webcasting online webinars.

Webinar
 
Marketing Automation

All-in-one marketing automation software.

Marketing Automation
 
LandingPage

Smart landing page builder to increase conversion rates

LandingPage
 
Publish

Manage all your local business listings on a single platform.

Publish
 
SalesIQ

Live chat app to engage and convert website visitors.

SalesIQ
 
Sign

Digital signature app for businesses.

Sign
 
Thrive

Complete loyalty and affiliate management platform.

Thrive
 
Voice

Cloud Contact Center Software for businesses.

Voice
 
NEW
LeadChain

Sync, manage, and convert leads across channels seamlessly.

LeadChain
 
NEW
CommunitySpaces

Online community platform for individuals and businesses to grow their network and brand.

CommunitySpaces
 
Suites
Marketing Plus

Unified marketing platform for marketing teams.

Marketing Plus

Commerce and POS

 
Commerce

eCommerce platform to manage and market your online store.

Commerce

Service

 
Desk

Helpdesk software to deliver great customer support.

Desk
 
Assist

Remote support and unattended remote access software.

Assist
 
Lens

Interactive remote assistance software with augmented reality.

Lens
 
FSM

End-to-end field service management platform for service businesses.

FSM
 
SalesIQ

Live chat app to engage and convert website visitors.

SalesIQ
 
Voice

Cloud Contact Center Software for businesses.

Voice
 
NEW
Solo

The all-in-one toolkit for solopreneurs.

Solo
 
Bookings

Appointment scheduling app for consultations with customers.

Bookings
 
Suites
Service Plus

Unified platform for customer service and support teams.

Service Plus

Finance

 
Books

Powerful accounting platform for growing businesses.

Books
 
FREE
Invoice

100% Free invoicing solution.

Invoice
 
Expense

Effortless expense reporting platform.

Expense
 
Inventory

Powerful stock management and inventory control software.

Inventory
 
Billing

End-to-end billing solution for your business.

Billing
 
Checkout

Collect payments online with custom branded pages.

Checkout
 
NEW
Payroll

Payroll software with automated tax payments and filing.

Payroll
 
NEW
Solo

The all-in-one toolkit for solopreneurs.

Solo
 
Practice

Practice management software for accounting firms.

Practice
 
Sign

Digital signature app for businesses.

Sign
 
Commerce

eCommerce platform to manage and market your online store.

Commerce
 
Suites
Finance Plus

All-in-one suite to manage your operations and finances.

Finance Plus

Email and Collaboration

 
Mail

Secure email service for teams of all sizes.

Mail
 
Meeting

Online meeting software for all your video conferencing & webinar needs.

Meeting
 
Writer

Word processor for focused writing and discussions.

Writer
 
Sheet

Spreadsheet software for collaborative teams.

Sheet
 
Show

Create, edit, and share slides with a sleek presentation app.

Show
 
Notebook

Beautiful home for all your notes.

Notebook
 
Cliq

Stay in touch with teams no matter where you are.

Cliq
 
Connect

Employee experience platform to communicate, engage, and build positive employee relations.

Connect
 
Bookings

Appointment scheduling app for consultations with customers.

Bookings
 
TeamInbox

Shared inboxes for teams.

TeamInbox
 
WorkDrive

Online file management for teams.

WorkDrive
 
Sign

Digital signature app for businesses.

Sign
 
Office Suite

Powerful collaborative work platform for teams.

Office Suite
 
Office Integrator

Built in document editors for web apps.

Office Integrator
 
ZeptoMail

Secure and reliable transactional email sending service.

ZeptoMail
 
Calendar

Online business calendar to manage events and schedule appointments.

Calendar
 
Learn

Knowledge and learning management platform.

Learn
 
Voice

Cloud Contact Center Software for businesses.

Voice
 
ToDo

Collaborative task management for individuals and teams.

ToDo
 
Tables

Work management tool to connect people, processes, and information.

Tables
 
FREE
PDF Editor

Collaborative online PDF editing tool.

PDF Editor
 
Suites
Workplace

Application suite built to improve team productivity and collaboration.

Workplace

Human Resources

 
People

Organize, automate, and simplify your HR processes.

People
 
Recruit

Intuitive recruiting platform built to provide hiring solutions.

Recruit
 
Expense

Effortless expense reporting platform.

Expense
 
Workerly

Manage temporary staffing with an employee scheduling solution.

Workerly
 
NEW
Payroll

Payroll software with automated tax payments and filing.

Payroll
 
Shifts

Employee scheduling and time tracking app.

Shifts
 
Sign

Digital signature app for businesses.

Sign
 
Suites
People Plus

Comprehensive HR platform for seamless employee experiences.

People Plus

Security and IT Management

 
Creator

Build custom apps to simplify business processes.

Creator
 
Directory

Workforce identity and access management solution for cloud businesses.

Directory
 
FREE
OneAuth

Secure multi-factor authenticator (MFA) for all your online accounts.

OneAuth
 
Vault

Online password manager for teams.

Vault
 
Catalyst

Pro-code platform to build and deploy your apps.

Catalyst
 
Toolkit

Complete resource for any admin-related lookup queries.

Toolkit
 
Lens

Interactive remote assistance software with augmented reality.

Lens
 
Assist

Remote support and unattended remote access software.

Assist
 
QEngine

Test automation software to build, manage, execute, and report testcases.

QEngine
 
NEW
RPA

Automate manual, tedious, and repetitive tasks easily.

RPA

BI and Analytics

 
Analytics

Modern self-service BI and analytics platform.

Analytics
 
Embedded BI

Embedded analytics and white label BI solutions, tailored for your needs.

Embedded BI
 
DataPrep

AI-powered data preparation service for your data-driven organization.

DataPrep
 
NEW
IoT

Harnessing IoT analytics for real-time operational intelligence.

IoT

Project Management

 
Projects

Manage, track, and collaborate on projects with teams.

Projects
 
Sprints

Planning and tracking tool for scrum teams.

Sprints
 
BugTracker

Automatic bug tracking software for managing bugs.

BugTracker
 
NEW
Solo

The all-in-one toolkit for solopreneurs.

Solo

Developer Platforms

 
Creator

Build custom apps to simplify business processes.

Creator
 
Flow

Automate business workflows by creating smart integrations.

Flow
 
Catalyst

Pro-code platform to build and deploy your apps.

Catalyst
 
Office Integrator

Built in document editors for web apps.

Office Integrator
 
ZeptoMail

Secure and reliable transactional email sending service.

ZeptoMail
 
QEngine

Test automation software to build, manage, execute, and report testcases.

QEngine
 
Tables

Work management tool to connect people, processes, and information.

Tables
 
NEW
RPA

Automate manual, tedious, and repetitive tasks easily.

RPA
 
NEW
Apptics

Application analytics for all apps.

Apptics
 
Embedded BI

Embedded analytics and white label BI solutions, tailored for your needs.

Embedded BI
 
NEW
IoT

Build, deploy, and scale IoT solutions for connected businesses.

IoT
 
DataPrep

AI-powered data preparation service for your data-driven organization.

DataPrep

IoT

 
NEW
IoT

Low-code IoT platform and solutions for connected businesses.

IoT

Search Result

 
CRM Plus

Unified platform to deliver top-notch customer experience.

Try now
CRM Plus
 
Service Plus

Unified platform for customer service and support teams.

Try now
Service Plus
 
Finance Plus

All-in-one suite to manage your operations and finances.

Try now
Finance Plus
 
People Plus

Comprehensive HR platform for seamless employee experiences.

Try now
People Plus
 
Workplace

Application suite built to improve team productivity and collaboration.

Try now
Workplace
 
Marketing Plus

Unified marketing platform for marketing teams.

Try now
Marketing Plus
 
All-in-one suite

Zoho One

The Operating System for Business

Run your entire business on Zoho with our unified cloud software, designed to help you break down silos between departments and increase organizational efficiency.

TRY ZOHO ONE
Zoho One
Zoho Marketplace

With over 2000 ready-to-use extensions across 40+ categories, connect your favorite business tools with the Zoho products you already use.

EXPLORE MARKETPLACE
Marketplace
Skip to main content
All
  • All
  • Admin Settings
  • Setting up Zoho Mail
  • Getting Started
  • Managing Inbox
  • Using Mail suite apps
  • Drafting emails
  • Sending emails
  • Composing Emails
  • Integrations
  • Customizing settings
  • Inbox management
  • Integrating with apps
  • Securing your data
  • Searching your Inbox
  • Email

How to create a strong password?

What is a password? 

The password is a secret word or phrase used to verify your identity and gain access to your email account or an application or your devices. It is required to secure your data, and prevent any unauthorised access or misuse of your account. 

In the world wide web, every application you use needs to be secure and allow you to protect your information by providing unique authentication using your username and a password. While your username can be your email address or a unique id you choose, the password is a set of characters used to verify your identity using the authentication process.

Passwords are generally set by you, as the user of the application when you sign up for the service or when you use a device. 

In general, passwords can be of any length and can contain alphabets(both upper and lowercase letters), special characters, and numbers. Certain applications have some minimum requirements in terms of length and provide some guidelines for securing your data in that application. 

create a strong passwork

What is a strong password? 

A strong password can be defined as a secure and strong word or phrase, set by the user in a manner that is very hard to be guessed by a person or a program designed to crack passwords. The following points outline the attributes of a strong password that cannot be hacked into, easily.           

  • Long with 12+ characters
  • Mixed Content
  • Memorable & Unique
  • Not repeated / reused
  • Customised for each app
  • Expires at a set time
  • Not saved in plain text
  • Generated using a password generator 
  • Managed using a password manager 
  • Multi-Factor Authenticated 
  • Password policy enforced 

Attributes of a Strong Password

1. Long passwords

It is highly recommended that you use a minimum of 12 characters in a string for a strong password. Long passwords are generally hard to crack. Attackers use a method called brute-force method - different combinations of various alphabets, numbers, special characters, and so on - to crack the account. When the passwords are long, the brute-force method cannot crack the password easily. Most of the applications have a security feature that allows a certain number of wrong attempts after which the account gets locked for some time. 

Examples:

  • $ummerOf2022
  • Ar+@#ear+2022

2. Use mixed content in passwords

Ensure that the password constitute of numbers, special characters, and uppercase and lowercase alphabets to ensure that you have a strong password.

Examples: 

  • M3x!c0$p!55@
  • (al!Forn!@>

3. Memorable unique passwords

In some cases, when you have long passwords the users who set them may forget the passwords themselves. Hence it is recommended to create memorable unique passwords. If you are using password managers, the passwords are random characters and hence they cannot be remembered by the users and they will need password managers to create and use the passwords. 

If you do not have password managers, you need to create memorable passwords which are also unique. Here are some tips below to create long memorable unique passwords: 

  • Do not use information connected with you like birthdays, phone number, spouse names, parents' names, kids' names, or pets' names as passwords as there may be other people who might know and have access to such details. 
  • You can create a base phrase for your password, but make sure you change that base word to a non-dictionary phrase. 
  • Replace vowel characters with special characters/ numbers that you can associate with that vowel. (a - @, e - 3, i - !, o - 0, u - * ). Similarly, you can also create a replacement pattern for other letters also. (s - $, h - #, x - %, B - 8, c - (, l, |, k, <, v, > and so on). 
  • Make sure that you remember the base word and your character replacement pattern by heart. As a best practice, do not write them down anywhere.
  • In addition, you can also use smiley symbols in place of special characters to remember the password. Ex: You can end the password with :) or :P 

Examples: 

  • D0n+qu!t23
  • D0nt5mok3
  • F0ll0wRuL35

4. Do not repeat/ reuse/ recycle

Another common mistake is reusing the same password in multiple applications. This poses a serious security threat, when even one of the apps gets hacked due to your carelessness or due to some security hole in the application, and your password is exposed, the attacker might try to use the same password in other applications. 

When you consciously avoid using the same password in multiple applications, the damage is controllable and minimised. Only that particular application that got hacked is insecure, while the other applications and data are secure. You can focus on securing only that application by changing passwords or adding an identity-based multi-factor authentication and protecting sensitive data in that account. 

5. Customise passwords

To avoid using the same passwords for different apps, you can customise your passwords. In the base phrase that you have set, you can append it with the short form of the app you use to create unique and memorable passwords, customised for the app.

Examples:

  • 2023l0v3lyp@55w06d_s3p_tw 
  • (:!@mStr0ng:)

6. Set password expiry

Password expiry is the ability to set a period - after which the password expires and the user has to set a new password for the account. This ensures that the passwords do not stay dormant - and hence this adds more security to the account. In addition to password expiry, the administrators can also set more rules related to password usage in a password policy.

Example: 

With a password policy, you can set the password expiry as 30 or 45 days. This will ensure that the passwords are changed every 30/ 45 days. 

7. Do not save in plain text 

When you save your password or a list of passwords in plain text in a file in your system, it would be in a clear readable format. This is not in an encrypted mode and can be easily read by anyone or scanned by a program that has got access to your system either normally or during a hack or virus attack. 

Even if you want to save some passwords for better retrieval, it is better to use password managers - which store them in an encrypted mode and cannot be accessed in plain text mode. 

How to set a strong password?

Use a Password manager/ generator

A password manager is an application or service that helps you manage your passwords securely. When you have a lot of applications and accounts, a password manager is the best tool to help you manage all your passwords securely from a single place.

Share passwords securely

An efficient password manager not only encrypts and stores the passwords securely but further provides features like sharing with other collaborators. You can also check out Zoho Vault, an online password manager service provided by Zoho. 

Most of the time, certain accounts are commonly used by more than one person and the user needs to create and share passwords with the other users. This makes it difficult to track password expiry, change of password, and so on. Hence, a password manager makes the sharing process efficient and secure. 

Enable Multi-Factor Authentication

Multi-factor authentication refers to the authentication process, which requires the users to provide more than one method to verify their identity and access an account or an application, or a network. When most of these applications require a password and a verification code that is sent to the user's mobile number or a time-based verification code generated in an application set up by the user. The users can also set up authentication based on their fingerprint or their iris - which is scanned during the authentication process for verifying the user identity. 

Use password-less authentication 

Modern applications are also moving towards password-less authentication, where the multi-factor authentication involves what you have (a code generated using mobile devices via time-based authenticators or sms, or a code generated via a security token) and what you are (a biometric identification via fingerprints, iris, voice or face recognition). 

Password-less and Multi-Factor Authentication involving biometric verification is considered to be more secure than just password-based authentication. 

What is a Password Policy?

A Password Policy is a set of conditions set by an organization for the applications, to ensure that the users create and use strong passwords in a secure manner. A good password policy defines the following: 

  • Minimum password length 
  • Password expiry duration 
  • Deny historical passwords
  • Not contain dictionary phrases/ user names etc. 

Email accounts need a strong password policy, to ensure that users create and use strong passwords for their mail accounts and avoid them from being hacked.

When an email account gets hacked, it not only compromises the data in your account but also creates a series of other problems. The hackers may send spam or phishing emails from your account to your contacts. Misusing your business email address, they may get access to secure data of your organization. They can get access to social media accounts and financial accounts that are linked with the email account, thus creating personal and financial losses. 

Enforcing the users to create strong passwords by implementing a password policy helps organizations prevent such attacks to a certain extent. However, adding TFA or MFA will create an additional layer of security and avoid these security threats to a large extent. 

Here are some guidelines to create a good password policy for your organization: 

Example of a secure password policy: 

  • Minimum password length: 12
    • should contain at least 1 uppercase
    • 1 lowercase 
    • 1 number
    • 1 special character
  • Password expiry duration: 30 days 
  • Password history: Do not repeat last 3 passwords. 

How to Enforce a Password Policy in Zoho Mail?

Zoho Mail is a secure email service primarily intended for business communication. Once you create an email account, you can create and apply a password policy for your organization in the Zoho Mail Admin Console. 

Steps to create password policy in Zoho Admin Console:

  1. Login to Zoho Mail Admin Console
  2. Navigate to Security & Compliance on the left pane. 
  3. Click Security and go to Password Policy
    Password Policy
  4. On the Password Policy section, specify the values for the respective fields and define the following: 
    • Minimum password length
    • Minimum number of passwords in history
    • Minimum number of special characters
    • Minimum number of Numeric Characters
    • Password Expiry Period(Days)
  5. You can also choose to send a password expiry notification to the users and remind them to change their passwords by checking the Send password expiry notification to users option.
  6. Once done, click Update.

You can also reset the edits you made from the previous setting by clicking Reset or go back to the initial configuration that Zoho Mail set as default by clicking Reset To Default.