When it comes to online security and safety, your passwords are your first line of defense. They prevent others from accessing our private and important information, including e-mail, social media, financial data, shopping and so much more. With all of that riding on a password, you need to make sure you’re keeping it as secure as possible. We’ve compiled the tips below for creating and storing strong passwords.
Choose a Different Password for Each Account
Using the same password for all of your online accounts is risky business. If someone else is able to obtain your password, they will have access to all of your accounts. Think about it – if someone learns your e-mail password, they might try using the same password for your Facebook account, bank account, and even your school or work computer. This is very dangerous. To avoid this problem, create different passwords for each of your accounts.
Create Long, Complex Passwords
The longer your password, the stronger it is. So, you should try to create long passwords containing at least nine characters. Those characters should be a mix of letters (upper- and lower-case), numbers and symbols. You can also try creating pass-phrases, which are a lot longer and more secure but easier to remember. For example, a strong nine-character password might be “Beach!123” but an even stronger pass-phrase might be “IGoToTheBeach1TimeEveryYear”. Even though your password will be really long, you can also make it easy to remember, since it might be a sentence or an idea.
(for further reading, check out The Ultimate Guide for Creating Strong Passwords)
Use a Password Generator
Another way to create strong passwords is to use a password generator. A quick Google search will reveal many free password generators; I prefer the Secure Password Generator. You can set password length and complexity by adding upper and lowercase letters, numbers and symbols. The downside of using this method is that the passwords you generate will be very difficult to remember, though if you’re setting a temporary password or using a password manager (see below), it shouldn’t be a problem.
Change Your Password Often
Although there’s a lot of debate on the subject, you should change your passwords on a regular basis. If you have a shorter password, try to change it at least once every 90 days. If longer, such as the passphrase above, you could probably get by with changing your password once every six months. Of course, if you ever learn that one of your passwords is compromised, either because one of the sites you used was hacked or because you shared it with a person you don’t trust, change it immediately.
Use a Password Manager
Using different strong passwords, changing them often, and remembering everything can be a tough task. To make things simpler, use a password manager such as LastPass. A password manager will securely store all of your passwords, help you generate passwords, remind you to change your passwords, and even help you securely share your password with others without allowing them to actually see it. Password managers aren’t for everyone – they present their own set of security concerns – but for most users, including average ones, it works really well.
Guard Your Password Like It’s Gold
Your password is supposed to be a secret – you’re proving your identity based on something that only you know. So, if it isn’t a secret anymore, that kind of defeats the purpose, doesn’t it? You need to keep your password to yourself, and not divulge it to anyone that asks for it. If you need to allow someone to access your accounts, see if there’s a way to add additional user. Otherwise, share your password securely with a password manager such as LastPass.
Use Multi-Factor Authentication
One way to boost your online security and safety is to use multi-factor authentication (MFA), which means doing something else in addition to using a password when trying to access a system. There are many types of MFA available these days, from smart cards to biometrics. The advantage of MFA is that even if someone knows your password, they won’t be able to get in without inserting a physical key, a thumbprint, or something else. One of my favorite MFA devices is the Yubikey, which works with many popular websites, including LastPass and Google.
We want you to be as safe as possible when working online. While we strongly believe in multi-factor authentication, most websites today use passwords only, and so your first line of defense is keeping that password as strong as possible. Follow the tips above and you’ll leave hackers looking for lower-hanging fruit.
The password tips mentioned above are equally useful for individuals and businesses alike. Businesses usually have a lot more tools at their disposal to help with employees’ security, especially when it comes to passwords. Businesses can configure computer software to require password complexity and length, force users to change their passwords, and utilize multi-factor authentication. 7 River Systems can assist you with setting up these security measures – contact us today.