Strong password protection has become critical as we use the internet for just about everything, including shopping, social media and services such as online banking. My 70-year-old mom refuses to get paper bank statements in case someone intercepts her mail, yet she is completely at ease with online banking. Go figure! That said, I had a hard time staying calm when I discovered she was carrying her passwords with her, right next to her bank account numbers. Very bad idea!
In addition to tips for creating sturdy passwords that are likely to stump hacking software, here are general guidelines to help protect online accounts and passwords.
- Create strong passwords:
  - Use combinations of uppercase and lowercase letters, numbers, punctuation and special characters.
  - Strong passwords are 8 to 20 characters long – passwords over 9 characters are difficult for hacking software to crack.
  - If you must memorize passwords, use the first letter of each word in a phrase and intersperse special characters, e.g. Gloria Gaynor’s “At first I was afraid, I was petrified” can become %@1stIwa,Iwp#$.
  - Avoid usernames in passwords in any form (backwards, doubled etc).
  - Don’t use obvious passwords such as names and numbers pertaining to you or your family. “Password1” is one of the most commonly used passwords. “Monkey” and “0123456” are popular too. Stay far away from these.
  - Check the strength of your passwords with the password strength checker on the official Microsoft site.
- Keep your passwords private:
  - Don’t store password lists in unencrypted computer documents. These lists can be accessed if computers are hacked.
  - Avoid storing written passwords close to your computer.
  - Pairing passwords with account names and numbers, on paper or on a device, is risky, and it’s worse if you carry that information with you. Purses, wallets, cell phones, tablets and computers are easily stolen, so why be an easy victim?
  - Refrain from storing passwords in cell phones. For additional security tips, read How to Secure your Smartphone.
  - Do not share your passwords with others.
  - Be cautious when an app asks you to enter a password to another site in order to use that app. I usually avoid such apps.
- Do not use the same logons and passwords for multiple accounts. Hackers will obtain passwords from sites that are easier to break into and will try those same passwords on more secure sites.
- Do not have your browser remember passwords for you.
- Change your passwords regularly – suggested frequency is every 3 months. If that’s not realistic for you, change them as often as you can manage.
- If you have a long list of passwords, use password management software or biometrics to create unique and strong passwords and to remove the need to memorize a huge volume of passwords.
  - 1Password, LastPass, KeePass, KeePassX, RoboForm and Firefox Sync are popular password managers.
    Most users speak highly of them and claim they don’t know how they ever managed without them. I’ve avoided a password manager because I don’t like my confidential information being stored in the cloud, but I’m about to test one out for my less critical passwords. I’m trying to decide between LastPass and Password1, so if you have an opinion about password managers, please share it with me.
  - “Biometrics” is the use of personally identifiable anatomical data (e.g. fingerprint, iris or facial scans) to access property, computer networks, cell phones, computers, ATM machines and more. Biometric advocates are huge fans, but others claim biometrics are unreliable. After conducting a poll, participating in LinkedIn discussions and reading comments following an article, Keeping Track of Passwords and Usernames, I abandoned my attempt to try a fingerprint reader.
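The "Create strong passwords" rules above can be written as a small checker. This is an added example, not part of the original post; the function names and the sample username are assumptions, and it tests only the rules listed in the post (it does not measure how guessable a password is).

```python
import string

# The three passwords the post names as commonly used (compared case-insensitively).
COMMON = {"password1", "monkey", "0123456"}


def username_forms(username):
    """Forms of the username the post says to avoid: plain, backwards, doubled."""
    u = username.lower()
    return {u, u[::-1], u * 2} if u else set()


def check_password(password, username=""):
    """Return the list of rules from the post that `password` breaks."""
    problems = []
    if not 8 <= len(password) <= 20:
        problems.append("length must be 8 to 20 characters")
    classes = {
        "an uppercase letter": string.ascii_uppercase,
        "a lowercase letter": string.ascii_lowercase,
        "a number": string.digits,
        "punctuation or a special character": string.punctuation,
    }
    for label, chars in classes.items():
        if not any(c in chars for c in password):
            problems.append(f"missing {label}")
    lowered = password.lower()
    if lowered in COMMON:
        problems.append("is one of the commonly used passwords")
    if any(form in lowered for form in username_forms(username)):
        problems.append("contains the username")
    return problems


if __name__ == "__main__":
    # Constructed samples: the post's phrase-based password, a common one,
    # and one that hides a (hypothetical) username "alice" written backwards.
    samples = [("%@1stIwa,Iwp#$", ""), ("Password1", ""), ("Xx9!ecila#Q", "alice")]
    for pw, user in samples:
        print(repr(pw), "->", check_password(pw, user) or "passes every rule")
```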
Until next time … Stay Cyber Safe!