Expert tips on how to manage your passwords and stay safe online
Passwords play an important role in the computer security chain, but sadly, they often turn out to be the weak link in it. Although a password is the string that protects one’s personal information and files stored on various online sites, many users still rely on surprisingly simple and weak passwords that are not only easy to remember but, sadly, easy to guess as well. This is shocking, considering that cyber crime awareness is increasing. According to research by Keeper Security, 17% of the 10 million passwords the company analyzed were “123456”, and, even more ironically, the word “password” takes the eighth spot in the list of most-used passwords. Needless to say, people still rely on passwords such as “qwerty” or “111111.” With a good brute-force tool, it would take seconds to break into your account if you use one of these passwords to “protect” it. Naturally, this raises a question: how do I create a safe password to protect my accounts? Luckily, experts from our team decided to share some great tips for better password security.
- Use a long password. It must be at least 8 or 10 characters long. In fact, a short but complex password can be cracked more easily than a long but simple one. Just think about the basics of combinatorics: you can make many more combinations with 16 characters than with 8, so a password-cracking program needs more time to brute-force a 16-character password than an 8-character one.
- Use a mixture of uppercase and lowercase letters, digits, and, ideally, special characters.
- Avoid using any word that describes you or your interests, or that is associated with your other half or your relatives. Needless to say, you should not use all or part of your name, surname, birth date, home address or email address.
- Do not use a combination of letters or numbers that forms a line on your keyboard. As we said, people tend to use “qwerty” or “123456789” as their passwords, and it is more than easy to guess them and log into your account. If you respect your privacy, think of a different combination.
- Avoid using popular English words, and leave in deliberate misspellings. Password-cracking programs often check popular English words like love or cool. If English is not your native language, using a word from your own language can be a very good idea.
- Using a passphrase instead of a password is also a praiseworthy move. In fact, if you haven’t started doing this already, you should start using passphrases instead of passwords. Research shows that passphrases, even if very simple and banal, are very hard to crack. To add complexity, use spaces.
- Use different passwords for different accounts. If someone manages to crack your password for one website, they won’t be able to log into your other accounts that easily. Besides, you will have a chance to regain access to your account if the accounts are linked to each other.
- Don’t give your password to anyone. Even if it’s your best friend or a relative, do not reveal your password to them. Remember that a friend today can become an enemy one day, and if you do not want to cope with the consequences, keep passwords and passphrases to yourself.
- If you are really bad at remembering passwords and they simply do not stick in your mind, store them safely. Remember – it is not wise to keep your password on a sticky note on your PC screen. Ideally, write it down and place it somewhere safe. Don’t put it on your desk and do not stick it on your fridge, preferably.
- Be careful and watch out for over-the-shoulder snoops when using a computer in a public place. If you ever need to log into your account when using a computer in public, look around just to be sure that no one’s watching you. You would be surprised to find out how often this happens.
- Don’t enter any sensitive data before you are sure that the device is malware-free. Even if you have spent hours trying to create a secure password, your efforts can come to naught if you enter the password into a computer that is infected with tracking software such as a keylogger or a data-stealing Trojan. If you suspect that your computer might be compromised, or if you want to check it, run a system scan with reliable anti-malware software like Reimage.
- Do not log into websites accessed via URLs provided in emails. Scammers tend to spread URLs pointing to phishing web pages via email, so if you are unexpectedly asked to verify your Gmail or Facebook login details all of a sudden, check who the sender of the email is. Otherwise, you might be tricked into visiting a fake Gmail or Facebook password recovery page, and all the information you enter will be sent to cyber criminals.
- Log off as soon as you finish your work and leave the device. Whether you are using a personal or a public computer, do not stay signed in.
- Enable two-step verification. Even if someone manages to guess your password, they won’t be able to log into your account, because they will also need a security code that is sent to your phone or email account.
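Several of the rules above (length, common passwords, keyboard lines, personal details) can be checked mechanically. The Python below is an added example, not code from the original article; the function names, the 10-character minimum and the four-key run length are assumptions, and the word list holds only the weak passwords the article itself mentions.

```python
import math
import string

# Weak passwords and words named in the article; extend with a real blocklist.
COMMON = {"123456", "password", "qwerty", "111111", "123456789", "love", "cool"}
KEYBOARD_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]
MIN_LENGTH = 10  # assumption: the stricter of the article's "8 or 10"


def keyspace_bits(pw):
    """Upper bound on brute-force work: length * log2(alphabet size)."""
    alphabet = 0
    if any(c.islower() for c in pw):
        alphabet += 26
    if any(c.isupper() for c in pw):
        alphabet += 26
    if any(c.isdigit() for c in pw):
        alphabet += 10
    if any(c in string.punctuation or c == " " for c in pw):
        alphabet += 33  # 32 ASCII punctuation marks plus the space
    return len(pw) * math.log2(alphabet) if alphabet else 0.0


def has_keyboard_walk(pw, run=4):
    """True if pw contains `run` adjacent keys from one keyboard row."""
    lowered = pw.lower()
    rows = KEYBOARD_ROWS + [r[::-1] for r in KEYBOARD_ROWS]
    return any(lowered[i:i + run] in row
               for i in range(len(lowered) - run + 1) for row in rows)


def check_password(pw, personal=()):
    """Return the list of article rules that pw breaks (empty = passes)."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("too short")
    if pw.lower() in COMMON:
        problems.append("common password")
    if has_keyboard_walk(pw):
        problems.append("keyboard pattern")
    if any(p and p.lower() in pw.lower() for p in personal):
        problems.append("contains personal detail")
    return problems
```

Assuming characters are chosen at random, `keyspace_bits` gives about 75 bits for a 16-letter lowercase password and about 53 bits for an 8-character password that uses all four character classes, which is the length-over-complexity point from the first tip.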
To sum up, we would like to restate the main idea of this article. You definitely do not need to create some complex and impossible-to-remember line of random symbols and letters to stay safe online. You can easily guard yourself by using a longer, yet meaningful password or, ideally, a phrase that is easy to remember.