Passwords are a necessary evil of the modern digital world. Password farming, whether through brute-force attacks or simple data breaches, has become one of the biggest sources of data and financial loss online. However, most of it comes back to people using weak, easy-to-break passwords. That’s not going to be you – at least if you follow the tips in this handy guide!
Why Passwords Matter
If your password is easy to guess, you’re inviting account hackers and data thieves to the table. We all know the drill, but if you knew how bad many people’s password practices really are, you’d be horrified. From common words and the dreaded “123456” right through to family birthdays, pet names, and more, many of us are very guilty in this arena.
While no password is truly impossible to crack, there are plenty of security measures you can take that keep your passwords easy to use but nearly invulnerable to hackers.
How to Store Strong Passwords
Theoretically, the best passwords need to be random, meaningless strings of letters, capitals, special characters, and numbers. But this also makes them impractical to use – and very tempting to write down.
We’ve all heard the story of the dreaded post-it note with all your banking passwords left fastened to your screen. In truth, it’s more likely that a vengeful ex or malicious coworker would steal that information than an online hacker, but it’s still not a smart storage strategy. The same goes for using a note on your phone, especially as that’s usually also the device of choice for two-factor authentication. No need to hand the thief your vulnerable info on a platter!
Luckily, there are plenty of solid password managers out there to do this for you digitally. They encrypt the passwords, so no one on “their” end can actually see what you’ve chosen, and they’re safe from prying eyes, too. They allow you to generate and store the safest possible random passwords, adding an extra layer of security to your setup. Many offer online backup, too, behind secure encryption, so you’ll never lose the info you need.
Look for 256-bit AES encryption. Currently in use by financial institutions and the military, it’s near-impossible to crack even if the database is compromised. If you then add two-factor authentication (more on this later) to the mix, you have a near-invulnerable vault to keep you safe.
Creating Strong Passwords
As we have already mentioned, a strong password should use all of these:
- Capital letters
- Lowercase letters
- Special symbols
Each new “factor” added to the mix makes the password harder to guess. Additionally, aim for at least 8 characters in the string. The longer it is, the more time a brute-force attack needs to work out even one, let alone all, of the characters in the string. Likewise, it’s less likely for a social media data farm or a phishing attack to crack it.
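To put numbers on the advice above, here is an added example (not part of the original guide) that generates a random password containing every character class and estimates how long an exhaustive search would take. The symbol set, the inclusion of digits, and the guessing rate passed to years_to_exhaust are assumptions made for illustration.

```python
import math
import secrets
import string

# Character classes from the guide's list, plus digits (mentioned earlier in the guide).
CLASSES = {
    "upper": string.ascii_uppercase,
    "lower": string.ascii_lowercase,
    "digit": string.digits,
    "symbol": "!@#$%^&*()-_=+[]{}",  # constructed set; sites differ on what they accept
}
ALPHABET = "".join(CLASSES.values())  # 26 + 26 + 10 + 18 = 80 characters


def has_all_classes(password):
    """True if the password contains at least one character from every class."""
    return all(any(c in chars for c in password) for chars in CLASSES.values())


def generate_password(length=16):
    """Draw uniformly with the OS CSPRNG; retry until every class is present."""
    if length < len(CLASSES):
        raise ValueError("length is too short to include every character class")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if has_all_classes(candidate):
            return candidate


def search_space_bits(length, alphabet_size):
    """Entropy of a uniformly random string: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(bits, guesses_per_second):
    """Worst-case time to try every candidate at an assumed guessing rate."""
    return 2 ** bits / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    rate = 1e10  # assumed guesses per second, chosen only for comparison
    for label, length, size in [
        ("8 chars, lowercase only", 8, 26),
        ("8 chars, all classes", 8, len(ALPHABET)),
        ("16 chars, all classes", 16, len(ALPHABET)),
    ]:
        bits = search_space_bits(length, size)
        print(f"{label}: {bits:.1f} bits, {years_to_exhaust(bits, rate):.3g} years")
    print("sample:", generate_password(16))
```

Adding character classes to an 8-character password raises it from roughly 38 to 51 bits, while doubling the length to 16 doubles that figure, which is why length matters more than any single class.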
Bad Social Habits
Talking about social media data farming, you also need to take responsibility for what you’re revealing to unknown parties online. All those cute quizzes? Many of them are set up to learn more and more about you, giving away answers to security questions and giving hackers a place to start on what you might use as your password. Keeping your online info-share to the minimum can do a lot to keep you safe.
The Concept of Passphrases
If you still want a password you can remember, but want to keep it safe, the concept of a passphrase can be very useful. This is simply a long password, created with our earlier tips in mind. It skips the risk inherent in using places, names, and people that mean something to you, but stays in your memory more easily. What’s an example of a passphrase? Say you decide to make your new passphrase “Susan likes apples for lunch”. Easy to remember, right? But if you know no one named Susan and you’re allergic to apples, it wouldn’t be the first thing a hacker would guess. However, we’re going to change it up to comply with strong password standards. Think:
Change is Good
Using different passwords on different sites builds another layer of protection into the mix. If a hacker does get hold of one password, they can’t crack your world open with it. At worst, you have to react to one data breach, not the loss of your entire digital world.
Additionally, it’s good to change your passwords regularly. You can’t always control where hackers get data from. Sometimes, they manage to breach an institution’s data instead – think of the recent Equifax data breach. If the data is already old, it’s of no use to them.
Two-factor authentication adds another layer of security to the mix. After inputting a password successfully, you will receive a code, either on your phone or by email, which you must also successfully input before you can enter the account. It’s a two-second matter for someone legitimately using the account, but a closed door for those trying to steal your data. Many platforms already offer 2FA “in-house”, especially social media sites and banking institutions, but some well-considered apps allow you to add it to a wider range of accounts, too.
Be Smart Online
While brute-force attacks can crack passwords, it’s far easier for the “bad guys” to get you to hand them the data outright. Be very wary of phishing scams, and always check that the source of any mail requiring you to give out sensitive information is valid. When in doubt, phone the institution instead of acting on an email that seems suspicious. Likewise, avoid public Wi-Fi, which can easily be breached, keep your software updated so all security fixes are in play, and consider using a VPN to further obscure your online presence.
Keeping your passwords safe doesn’t have to be an ordeal. By taking some simple, easy-to-implement security steps, you can keep your online presence safe from cybercriminals, and keep your critical data and banking apps for your eyes only.