A weak password could cause problems. Here’s what you can do to safeguard your many accounts.
A strong password is essential when it comes to your online security, and you need a unique one for each of your streaming services, online shopping accounts, bank accounts, email, and much more. It is tempting to fall into the bad habit of using the same login for everything.
If your data is compromised, weak passwords can have serious consequences like identity theft. Last year’s number of reported data breaches set a new record.
Use a password manager to keep track of your passwords
Strong passwords are longer than eight characters, are hard to guess and contain a variety of characters, numbers and special symbols. The best ones can be difficult to remember, especially if you’re using a distinct login for every site (which is recommended). This is where password managers come in.
A trusted password manager can create and store strong, lengthy passwords for you. They work across your desktop and phone.
The tiny caveat is that you’ll still have to memorize a single master password that unlocks all your other passwords. So make that one as strong as it can be.
Of course, someone could also break into your house and walk off with the passkeys to your entire life, but that seems less likely. At work or at home, we recommend keeping this sheet of paper in a safe place — like a locked desk drawer or cabinet — and out of eyesight. Limit the number of people who know where your passwords are, especially to your financial sites.
If you travel often, physically carrying your passwords with you introduces greater risk if you misplace your notebook.
Find out if your passwords have been stolen
You can’t always stop your passwords from leaking out, either through a data breach or a malicious hack . But you can check at any time for hints that your accounts might be compromised.
Mozilla’s Firefox Monitor and Google’s Password Checkup can show you which of your email addresses and passwords have been compromised in a data breach so you can take action. Have I Been Pwned can also show you if your emails and passwords have been exposed.
Avoid common words and character combinations in your password
The goal is to create a password that someone else won’t know or be able to easily guess. Stay away from common words like “password,” phrases like “mypassword” and predictable character sequences like “qwerty” or “thequickbrownfox.”
Also avoid using your name, nickname, the name of your pet, your birthday or anniversary, your street name or anything associated with you that someone could find out from social media, or from a heartfelt talk with a stranger on an airplane or at the bar.
Longer passwords are better: 8 characters is a starting point
8 characters are a great place to start when creating a strong password, but longer logins are better. A longer passphrase composed of unconnected words can be difficult to remember, however, which is why you should consider using a password manager.
Don’t recycle your passwords, seriously
It’s worth repeating that reusing passwords across different accounts is a terrible idea. If someone uncovers your reused password for one account, they have the key to every other account you use that password for.
The same goes for modifying a root password that changes with the addition of a prefix or suffix. For example, PasswordOne, PasswordTwo (these are both bad for multiple reasons).
By picking a unique password for each account, hackers that crack into one account can’t use it to get access to all the rest.
Avoid using passwords known to be stolen
Hackers can effortlessly use previously stolen or otherwise exposed passwords in automated login attempts called credential stuffing to break into an account.
Use two-factor authentication… but try to avoid text message codes
If thieves do steal your password, you can still keep them from gaining access to your account with two-factor authentication (also called two-step verification or 2FA), a security safeguard that requires you enter a second piece of information that only you have (usually a one-time code) before the app or service logs you in.
This way, even if a hacker does uncover your passwords, without your trusted device (like your phone) and the verification code that confirms it’s really you, they won’t be able to access your account.
While it’s common and convenient to receive these codes in a text message to your mobile phone or in a call to your landline phone, it’s simple enough for a hacker to steal your phone number through SIM swap fraud and then intercept your verification code.
When it comes to password security, being proactive is your best protection. That includes knowing if your email and passwords are on the dark web .
Date Posted: 2/3/23
Date Last Updated: 2/3/23
By: RTI Marketing Team
Riverside Technologies, Inc. (RTI) specializes in managed services, IT hardware, warehouse services, and technology deployment.
Our solutions can help you achieve your goals.