You have a password on your email account, your online banking app, and every website you shop on. Every time you sign up for an online service or social network you’ve got to come up with a something memorable that will keep your account and personal information secure.
Passwords are meant to keep you safe while you surf, but hackers are getting savvier. Some of the most ironclad systems have been breached and thieves have gained access to millions of people’s personal and financial data, not just within the United States, but yes here in the Roanoke Valley too. But, even while the threat of getting hacked looms, an astounding number of people continue to use extremely weak, easily guessable passwords.
The Wall Street Journal analyzed over 200,000 hacked passwords, and found that by far the most popular password was “123456,” followed closely by “password” and “12345678.” What’s worse, is that most people use the exact same password for every web page they visit. What is this telling us? Apparently, many internet users still have not heeded years of tips and warnings about password security.
So, as a refresher and an update on tools you can use to generate and remember strong passwords, here are a few tips.
1. Don’t use ANY of these
Your name, your spouse or kids’ names, or pet names – even if you put a number after it.
The last four digits of your social security number
Any consecutive sequence of numbers
The name of any school you went to or mascot of that school
The name of the city you live in
Any date of birth – yours, your spouse’ or your children’s.
2. Never use the same password for multiple logins, especially when it comes to your email account. You may think your email isn’t super important to keep secure because “there’s nothing in there.” But, once someone cracks your email password they can go over to your bank app, click “forgot password” and have the key to your finances emailed to you (them) instantly. Regular hacker practice is to break into any web page you use just to figure out your standard password, then compromise everything else.
3. Substitute letters for numbers that look similar and throw in random capital letters. You can put a zero in place of an ‘o’, a three in place of an ‘e’, or even better, an @ in place of an ‘a’. Example: @ppleCid3R
4. Come up with something nostalgic that you’ll remember, but don’t use a person’s name. Every name or word in the dictionary will fail under a simple brute force attack.
5. Because it would be difficult to remember so many different passwords, consider using Roboform for Windows or 1Password for Mac users. It can store all of your passwords in an encrypted format and let you use one master password to access them all. It will also fill in the forms on Web pages for you automatically, and allow you to take your password list with you on your tablet, phone or a USB key. Other such programs include KeePass and LastPass.
6. Whenever you come up with a new password, use Microsoft’s password strength checker to see how secure it is.
Now that you understand the risk of using weak passwords, and have the tools to strengthen and diversify them, it’s time to improve your online security!
If one of your accounts has been hacked, there’s a good chance your other accounts using the same password aren’t safe! Now would be a great time to update your accounts with individually unique passwords.