Keeping Passwords Safe & Strong

May 29, 2019

These days most people have a long list of accounts online, from social media to shopping.

Using strong passwords is paramount to protecting yourself online. In most cases, it’s the only thing stopping hackers from accessing your private data. But keeping track of your passwords can be a nightmare, and many of us are guilty of using the same password again and again for different account logins, which simply isn’t secure. If a website you use is hacked and your password is stolen, anyone who gets hold of it can also break into your other accounts that have the same password.

Passwords are our first line of defence.

First, let us look at how we can create a strong password. According to the traditional advice—which is still good—a strong password:

  • Has a minimum of 12 characters
  • Includes Numbers, Symbols, Capital and Lower-Case Letters
  • Isn’t a Dictionary Word or Combination of Dictionary Words
  • Doesn’t use Keyboard Patterns, like qwerty, 12345, asdzxc, etc.
  • Is Unique and not used for another account

DIY Password Creation

Passwords that are easy for you to remember are less secure than a completely random password, but following these tips can help you find the right balance between convenience for you and difficulty for hackers.

  1. Create a unique acronym for a sentence or phrase you like
  2. Use phonetics, such as ‘PH’ instead of ‘F’ or ‘UU’ instead of ‘W’
  3. Invent your own “word”, like ‘StringleBob’ or ‘Mow4Linger’

Use a Password Generator

A password generator is a tool that automatically generates a password based on guidelines that you set to create strong and unpredictable passwords for each of your accounts.
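How such a generator can work, as an added example that is not from the original article or any particular product: it draws characters from the operating system's secure random source and keeps only a result that passes the length, character-mix and keyboard-pattern items of the checklist above. The symbol set and the default length are assumptions, and the dictionary-word check is left out.

```python
import secrets
import string

# Assumed for this example: the symbol set below is an illustrative choice.
SYMBOLS = "!@#$%^&*()-_=+[]{}"
ALPHABET = string.ascii_lowercase + string.ascii_uppercase + string.digits + SYMBOLS
# The keyboard patterns named in the article's checklist.
KEYBOARD_PATTERNS = ("qwerty", "12345", "asdzxc")


def check_password(password, min_length=12):
    """Return the checklist items the password fails (empty list = passes)."""
    problems = []
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    classes = {
        "lower-case letter": str.islower,
        "capital letter": str.isupper,
        "number": str.isdigit,
        "symbol": lambda c: not c.isalnum(),
    }
    for name, matches in classes.items():
        if not any(matches(c) for c in password):
            problems.append(f"no {name}")
    lowered = password.lower()
    for pattern in KEYBOARD_PATTERNS:
        if pattern in lowered:
            problems.append(f"contains keyboard pattern '{pattern}'")
    return problems


def generate_password(length=16):
    """Draw characters from the OS CSPRNG until the checklist is satisfied."""
    if length < 12:
        raise ValueError("length must be at least 12")
    while True:
        # secrets.choice uses the operating system's secure random source,
        # unlike the predictable generator in the random module.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not check_password(candidate):
            return candidate


if __name__ == "__main__":
    print(generate_password())            # a fresh password for one account
    print(check_password("Qwerty12345"))  # constructed weak sample
```

Calling `generate_password()` once per account also covers the checklist's uniqueness item, since every call produces an independent result.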

Here are two examples you might want to use:

Keep Passwords Safe

It’s all well and good having strong passwords that we think we’ll remember, but we know we’re bound to forget them sooner or later. That’s when a password manager comes in to save the day. A password manager saves you time and energy when trying to log into sites you use, regardless of whether it’s frequently or rarely.

When you want to log into Facebook, for example, the password manager recognises the site’s URL and automatically populates the username and password fields in your Facebook account for you. It’s as easy as that.

There are lots of free and paid-for password managers available, so do your research and find the one that best serves your needs.

Don’t Be A Fool

Resist the temptation to hide passwords under your keyboard or to stick them on your monitor. Stories about hackers getting passwords by rummaging through trash, also known as dumpster-diving, are real.

When you type your password in a public place, make sure no one is watching or looking over your shoulder.

Passwords for financial, email, and social media accounts should be changed on a regular basis, at least every two months.

A Little Extra Security

Two-factor authentication, or 2FA, is a method of verifying your identity that adds a second layer of security to your account password. Types of two-factor authentication can include any of the following:

  • Something you know: a PIN, password, or pattern
  • Something you have: an ATM or credit card, mobile phone, or security token
  • Something you are: a biometric form of authentication, such as your fingerprint, your voice, or your face

With two-factor authentication (2FA), you get an extra layer of security that hackers may not be able to crack as easily, because the criminal needs more than just the username and password credentials. You may already be using 2FA without realizing it. Your ATM card is an example, combining your physical card and your PIN.

Remember that nothing is 100% secure, and even 2FA can be vulnerable to hackers. If a cybercriminal gains access to the email account associated with your 2FA information, they could reset your password by selecting “Lost/Forgot password” on a given site’s login page. This password recovery option could completely bypass 2FA and allow the hacker to create a new password, locking you out of your account. Be sure to monitor your email account for messages requesting password changes.

And remember, your passwords are private, so keep them to yourself.

At IH Media, we have Website Maintenance packages to help keep your website secure.