Although there are many exciting biometric password technologies emerging, the good old-fashioned password is still as important as ever; possibly even more than ever before. Many people still have the feeling that it’s unlikely their passwords will be compromised, but in reality, all of us are at risk. Your password is your first line of defense against hackers. That’s why having a strong password is so important.
Your Guide to Creating a Strong Password
1. Don’t Make it Personal
Birthdays, anniversaries, children’s and pets’ names as well as a series of numbers (such as 54321) are not good options. While these details are all easy to remember, they don’t belong in your passwords list. Passwords containing personal details can be easily guessed by someone you know and even by hackers who don’t know you at all. This is because hackers use publicly available software which allows them to use a “Brute Force” method to check all possible passwords until the correct one is found. You make their job a lot easier if they already know the basic formula used to create the password. What’s the first thing they’re checking for? Passwords containing the items listed above.
2. Don’t Use Real Words
Passwords that contain full, correctly spelled words in any language are particularly vulnerable to dictionary, brute-force, rainbow-table and many other effective methods of attack. Many people use words from a language not native to their geographical location as their “bullet-proof” strategy. This technique is no more secure than using words from their native language. Dictionary attacks exploit most words from languages across the world.
3. Use a Combination of Letters, Numbers and Symbols
One effective technique is to choose a password and replace some of its letters with numbers, special characters and both uppercase and lowercase letters. For example, if your password contained the word “Padlock,” simply spelling it out could leave you at risk, but using characters which are uppercase and lowercase as well as symbols and numbers to spell the word will make it much more difficult to guess. For example, the password “Padlock” could be converted to “p@dL0cK,” which contains all of the previously listed items.
4. Don’t Keep it Short
The longer the password, the better. Your passwords should be at least 8 characters, but ideally as long as 16 characters.
5. Use a Unique Password for Each Login
Using a single password for all of your accounts makes remembering your logins easy, but is not a good idea. Research shows that 60% of users use the same password for most, if not all, of their online accounts. This strategy makes it easy for the user, but if someone with bad intentions gains access to one of your passwords, they have access to ALL of the accounts which share that same password. Using a unique password for each account will limit a hacker’s access to just one account in the event of a breach.
6. Consider Using a Passphrase
Using a passphrase will help you create longer, more complex passwords that are easy for you to remember and, more importantly, harder for hackers to guess. A passphrase is basically just a series of words that make a long password. For example, if you like ballroom dancing, your passphrase could be “!Like2ba11roomD@nce.” That’s something that is easy to remember, but means nothing to anyone but you.
7. Use a Password Manager
If you’re creating long, complex passwords and using unique passwords for each account, you are going to have a hard time remembering them. That’s why it’s a good idea to use a password manager so that you’re not discouraged from using strong passwords. Password managers store your passwords for you so that they are all available to you in one place. The key is having a very strong master password, which you use to gain access to the rest of your passwords. A few popular options are Dashlane, Keeper and LastPass. Each option offers a desktop and mobile application.
8. Enable Two-step Verification
Whenever possible, enable two-step verification. Many popular websites have this capability, which basically requires you to log in two different ways to gain access. This is especially good to use for your email accounts or any other account with private information, and is relatively easy to set up.
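Guidelines 1 through 5 above can be checked mechanically. The following is an added example, not part of the original article: a small Python audit that tests each stored password against those five rules and flags reuse across accounts. The function names, the tiny word list, the personal details and the accounts are all constructed for illustration.

```python
import re

# Constructed sample data (word list, personal details, accounts), illustration only.
WORDS = {"padlock", "dragon", "sunshine", "ballroom"}
PERSONAL = {"rex", "1987", "emma"}
SAMPLE = {"mail": "Rex54321", "bank": "Rex54321", "forum": "p@dL0cK",
          "shop": "!Like2ba11roomD@nce"}

def has_sequence(pw, run=4):
    """True if pw contains `run` consecutive ascending or descending digits/letters."""
    for i in range(len(pw) - run + 1):
        steps = {ord(pw[j + 1]) - ord(pw[j]) for j in range(i, i + run - 1)}
        if steps in ({1}, {-1}) and pw[i:i + run].isalnum():
            return True
    return False

def check_password(pw, personal=PERSONAL, words=WORDS):
    """Return the list of guideline violations for one password."""
    low = pw.lower()
    issues = []
    if any(p in low for p in personal):
        issues.append("personal detail")          # guideline 1
    if has_sequence(low):
        issues.append("number or letter series")  # guideline 1
    if any(w in low for w in words):
        issues.append("dictionary word")          # guideline 2
    classes = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"]
    if not all(re.search(c, pw) for c in classes):
        issues.append("missing character class")  # guideline 3
    if len(pw) < 8:
        issues.append("shorter than 8")           # guideline 4
    return issues

def audit(accounts):
    """Check every account's password and flag reuse across accounts (guideline 5)."""
    seen = {}
    for name, pw in accounts.items():
        seen.setdefault(pw, []).append(name)
    report = {}
    for name, pw in accounts.items():
        issues = check_password(pw)
        if len(seen[pw]) > 1:
            issues.append("reused")
        report[name] = issues
    return report

if __name__ == "__main__":
    for account, issues in audit(SAMPLE).items():
        print(account, issues or "ok")
```

In practice the word list and personal details would come from a full dictionary file and the user's own profile rather than the constructed sets used here.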