In honor of this important day, here are some basic do’s and don’ts of password security:
DON’T use the same password for all of your accounts.
If all of your passwords are the same, and someone is able to obtain the password to one of your accounts, they now have the necessary tool to hack ALL of your accounts. By using varying passwords across the board, you can reduce the amount of damage done should one be compromised.
DON’T let your browser save your passwords.
In the event that your computer is hacked, the hacker will gain access to all of your online accounts if you have your passwords saved in your browser. You may be using a “trusted computer”, but it could still fall victim to an attack.
DON’T open any attachments from messages that seem phishy (pun intended).
Phishing is when a cybercriminal tries to infect a user’s device with a virus or malware by having them open an infected document. To avoid phishing attempts, always double-check the sender’s email address when you receive something that seems suspicious, and trust your instincts: if it feels like a trick, it probably is.
DO change your passwords frequently.
Some applications, such as online banking, require you to change your password after a set number of days has passed since it was last updated. Unfortunately, many accounts will allow you to use the same password for years, which makes them more vulnerable to hacks. As annoying as it may be to have to remember new passwords, updating them regularly is better for your accounts’ security.
DO make your password more complicated by using a combination of numbers, symbols and both uppercase and lowercase letters.
While they may be harder to remember, passwords that include a variety of character types are more difficult to crack. Additionally, it’s very common for people to use the same string of words and numbers, such as their pet’s name, child’s birthdate, wedding anniversary, etc., so be original in what you choose.
DO use two-factor authentication.
Also known as multi-factor authentication, two-factor authentication adds an extra step to your login process, and consequently an additional layer of protection to your account. This may be done in the form of a one-time code sent to your phone, biometrics such as fingerprint or facial recognition, or by using a USB key. Luckily, many accounts already offer this second level of security. Learn how to take advantage of it here: https://www.turnon2fa.com/
Lastly, some cyber security experts may also recommend the use of a password manager. Password managers store the passwords for all of your accounts in one place, accessible with a single password. In addition to storing your passwords, most password managers will also create strong, unique passwords for you and update them on a regular basis. While these features are great for security, using a password manager also creates a single point of failure for your accounts. If the master password is compromised, they are all compromised.
Whether you decide to use a password manager or keep up with your passwords yourself, it is increasingly important to make sure that your password security is something you pay attention to and manage responsibly.