With the plethora of websites (social media, e-commerce, subscriptions) for which you probably have accounts, there’s simply no easy ways to remember every single password without duplicating passwords or resorting to some sort of pattern.
With the likes of Facebook, Twitter, and LinkedIn, to name a few, every Netizen has numerous password used in logging in to his or her accounts. But with so many passwords to remember, many use the same passwords or derivatives thereof mainly because we aren’t masters of memory – and therein lies the problem.
Keep in mind that data breaches have serious consequences! This is particularly true when your sensitive personal information including bank account numbers, social security numbers, credit card numbers, and private documents are accessed by unscrupulous individuals. In many cases, data breaches are so massive that an entire network can be hacked, such as the 2016 LinkedIn incident where 164 million accounts were compromised.
How then can you protect yourself from a data breach? Well, it starts with using strong passwords (not random password) for your online accounts and here are a few tips we’ve found to be useful in not being the village idiot.
Never Reuse Passwords
Many people use the same passwords for all their regularly-visited sites for many reasons, such as the difficulty of remembering different passwords for 10 different sites and the complexity of the password requirements. For example, Site X requires a password with 14 characters consisting of a letter, a number and a symbol while Site Y only requires a password with 8 characters but with not symbols.
If you have accounts in numerous sites, from social media to newspaper subscription services, you will likely use the same password and their derivatives. We understand but once hackers know your password for a specific site, they would use it to hack into your other accounts. You will end up with many, if not most, of your accounts being compromised.
Tip: Use different passwords for each of your accounts. Be sure that these passwords are as different from each other as English is to French – mix them up, man!
Avoid Using Algorithms, Too
We also understand that thinking of different passwords every time you sign up or when you’re changing passwords for your accounts can be challenging. Many people use a do-it-yourself algorithm or method in generating passwords, an admirable effort but it’s just as dangerous for your online security.
Why? When one of your passwords is compromised, hackers will likely have an easy-peasy time figuring out your method – and trust us when we say that your method isn’t as unknowable as it seems. Oftentimes, the best way of making secure passwords is to not have a method at all!
And if your method involves using the birthdays, nicknames and/or workplaces/schools/favorite places of your family, more so yourself, then you’re in more trouble than you realize. Hackers will look at your online profile, get information, and use it to figure out your passwords.
Tip: Combine random lowercase letters, uppercase letters, symbols, and numbers, when allowed by the site’s password requirements, to create a unique password. Try “<M%96at)#” that hackers aren’t likely to guess at.
Skip the Too Short, Too Simple Mistake
There’s a reason why most websites require passwords with at least eight characters – with the increase in processing speed, passwords consisting of less than eight characters is akin to just giving your online information to anybody who wants it. So, even if a website requires just six characters, go for at least eight, perhaps more than eight characters depending on the sensitivity of the information.
For example, banking accounts should ideally have 14 to 16 characters. If you’re protecting extra-sensitive information, you would be well-advised to go for a 25-character password. Use both lowercase and uppercase, special characters, random number, and with the recommended password length.
Is that one too many characters? Well, think about the negative effects on your life if hackers figure out the password to your bank accounts!
But just because a password has 30 characters doesn’t mean that it’s already safe! Keeping your password too simple, such as the entire alphabet in its order or the numbers from 1 to 20, also makes it vulnerable. Passwords related to your interests or hobbies aren’t recommended, too, since hackers will look to them for clues. Avoid weak passwords, and random password generator, they may be difficult for you to remember.
Keep Them in Your Head or in an App
Let’s say that you have unique passwords that will stand even the efforts of the most experienced hackers because these are completely random, as well as consists of 15-20 characters. What now? Well, now the worst thing you can do is to write them down on a notebook, on sticky notes, and on an Excel spreadsheet with the file name “Passwords”!
You may as well just give the passwords to your social media accounts, subscriptions, and bank accounts to everybody who asks for them.
But if you want to keep your strong passwords as secure as possible, you should get a password manager. Think of it as your little black book where your most important online information can be kept with a master key, which only you have access to at any time.
While password manager apps work in different ways, these work in a basic manner, as follows:
- Make an encrypted file where your passwords can be stored in
- Provide the means by which you, the authorized user, can access the encrypted file; depending on the authentication methods used, the access can be in the form of a password, a fingerprint, or a cryptographic key.
- Allow you to copy and paste the password for a specific account whenever you’re logging on a device; you don’t have to know the actual password for a said account because the password manager does the work for you.
Obviously, the best benefit of using a password manager is in creating complex passwords without the need to remember all of them! With it, you just need to remember two passwords: first, a password to log into your personal computer or smartphone; and second, a password to access your password manager. Even with a complex password for each of them, you’re more likely to remember them because your memory bank isn’t overwhelmed. And, remember to create a new password every six months for websites and mobile (Android, OS X).
Even with a password manager, you should regularly change your passwords once every six months or when you have suspicions of a data breach. You don’t have to change it every month because it can be inconvenient, not to mention that you will be tempted to keep it too short and too simple.
Also, check out How to Build Customer Trust on a New E-Commerce Store