By Tracey Dowdy
By now we all understand the absolute importance of strong passwords to protect our personal data. Post-it notes get lost, hard copies kept in diaries and planners can be compromised, and smartphone memos and notes are also at risk.
The trick is to create and remember unique passwords for all your accounts. According to LogMeIn, which makes the LastPass password manager, it’s not uncommon for users to have 85 passwords for all your accounts, from banking to streaming to social media, making it impossible for the average individual to remember them all without help.
And although password security isn’t an iron-clad guarantee that your data will never be compromised or hacked, it certainly minimizes your risk. These tips will help you create, manage, and store secure passwords.
Write them down. That may seem counterintuitive, but if you have a safe, firebox, or file cabinet that can be locked, you can go old-school and write it down. Just be sure you limit the number of people who know you’ve written them down and where you store them.
Use a Password Manager. The best passwords are longer than eight characters, are hard to guess and comprised of a variety of characters, numbers and special symbols. The problem is those same features that make them hard to guess also make them hard to remember especially if you’re smart enough to use unique passwords for each account. Password managers like Dashlane, 1Password, and LastPass create secure, complex passwords and store them in an encrypted database.
Monitor whether your passwords have been compromised. Mozilla’s Firefox Monitor, Have I Been Pwned, and Google’s Password Checkup can show you which – if any – of your email addresses and passwords have been compromised in a data breach.
Avoid using birthdays, anniversaries, and other common passwords. Passwords like password, 123456, qwerty, or your birthday, anniversary, child, spouse or pet’s name are among the most common and easily guessed. If you’re using one or any of these, stop reading and go change it now!
The bigger the better. Eight characters are generally the suggested length for secure passwords but don’t be afraid to use more. The challenge, of course, becomes trying to remember those long, complicated characters, but that’s why password managers come in handy.
Don’t repeat your passwords. One of the biggest and most common mistakes we make, even with complex passwords, is repeating them across accounts. Don’t do it. Once they’ve guessed it for one, hackers will attempt to access other accounts leaving your data vulnerable.
Use two-factor authentication (2FA) Along with a complex, secure password, you should also use two-step verification (2FA) for an additional layer of protection so even if hackers guess your password, there’s an additional layer of protection. When you use 2FA, once the password is entered, you’ll be sent a one-time code – usually via text – so that only you can access the account. Without entering that code, the account remains locked.
Use an authentication app like Authy, Google Authenticator or Microsoft Authenticator instead of text messaging in 2FA. Once you’re set-up, you can choose to register your device or browser so you don’t need to keep verifying it each time you sign in.
By the way, a survey by the UK’s National Cyber Security Centre (NCSC), analyzed passwords belonging to accounts worldwide that had been breached. They also discovered that codes using names, sports teams and swear words are more popular than you might think.
The top 10 most common passwords were:
So, if you’re “protecting” yourself with any of those, it’s not a matter of “if” you’ll be hacked but “when.”
Tracey Dowdy is a freelance writer based just outside Washington DC. After years working for non-profits and charities, she now freelances, edits and researches on subjects ranging from family and education to history and trends in technology. Follow Tracey on Twitter.