Remembering and typing in a username and password when logging into an app or website can seem like a hassle sometimes, but in reality, passwords are an important first line of defense when it comes to protecting your sensitive information. While it is easy to get lazy with your passwords, hackers are getting smarter and more efficient every day, so give yourself an extra boost of security by following these steps when creating and managing your passwords.
Utilize a password manager
Between email services, social media pages, banking websites, rent payment portals and a seemingly infinite list of other things you need a password for, it is starting to be a challenging task for a person to remember every different login they have.
Solid password managers, like LastPass, Roboform or 1Password, help create unique and strong passwords for a variety of different accounts, meaning if one of your accounts is compromised, a hacker won’t have the “keys” to the rest of your digital presence. Utilizing a password manager means you only have to remember one “master” password, instead of dozens and dozens.
Many password managers have different levels of service and security, meaning they are either available for free or can be upgraded for a small fee, typically between $2 and $5 per user, per month.
Don’t change passwords
You may have been told over the years that it is smart and proactive to change your passwords on all accounts every few weeks. This is not the case anymore. You should only change your password if you have good reason to believe you have been hacked or that your account has been compromised. If you change your passwords too often, you may forget them, or end up changing them in a consistent pattern, making it easier for a hacker to identify.
Most personal email services and social media pages have free multi-factor authentication settings that can be turned on, meaning more than one method of authentication is required for login. Whether it is entering a PIN number or providing a unique password that is sent to the requester’s personal cell phone or email address, multi-factor authentication makes it much more difficult for someone to hack an account. Multi-factor authentication also makes it easy to know if and when someone is trying to access your information, as you will likely get notified.
Businesses can utilize more advanced multi-factor authentication services like Duo or Azure, which cost between $2 and $9 per user, per month. There is no question that the added security is worth the small monthly fee.
Spread out character types
When creating a password, many platforms will require that you include a combination of letters, numbers and special characters. It is important to spread out the character types so it is more difficult to guess the password. Something like, “Lastname123!” would be fairly easy to identify, where as “L@$tnAm3!” would be more difficult.
Use long passwords
A typical required length for a password is at least eight characters, but it is smart to make your password as long as 12-15 characters, as it becomes much more difficult to guess as the character count increases. However, make sure your long password does not have a predictable pattern, like “LastName123456789.” While you need to be able to remember your password, try to get as random as possible.
Don’t reuse passwords
If you decide not to use a password manager, which creates unique passwords for each account and requires that you only remember one “master” password, make sure you are not using the same password across multiple channels. If your Twitter account is hacked, and you happen to use the same password for your banking information, you are going to find yourself in hot water. It’s easy to fall into a habit of using the same password for everything, as it is familiar and easy to remember, but it is not worth the risk.
Creating, remembering and managing passwords for both personal and business uses often can seem overwhelming, but it is vital for keeping sensitive information secure and out of the wrong hands. Be proactive with your security and partner with a knowledgeable team that can provide you with advice on which password management services are best suited for your needs.