One of the best ways to keep your information safe online is the use of passwords. We have passwords for everything: email, Amazon accounts, social media, cloud storage, online banking, etc. A password is often the only thing standing between your information or money and people who would take it.
However, for the most part, people are pretty casual with their passwords. I’m not judging; I do it too: using the same password for multiple accounts, writing down passwords, using something that is easy for me to remember because it is the name of a pet or a family member. But with cyber attacks at an all-time high, it’s time to figure out how to make a really strong password, and how to remember it.
1: Use a password manager
It’s a tradeoff we all have to consider: making a truly uncrackable password can backfire if you aren’t able to remember it. And having a different password for every site you have an account with is pretty close to my idea of hell. However, you no longer need to sacrifice security for convenience. Password managers are available as browser add-ons, and they keep track of your passwords for every site, even auto-filling the field for you. You just need to remember a single password for the password manager, and that’s it.
Is it really safe to have all your passwords online?
As with everything, no encryption is infallible, but some schemes are better than others, and some are much, much better than others. The major managers out there have one job—keeping a secret—and they are very, very good at it. “For most users [password managers] offer a much better combination of security and convenience than they have without them. Everyone should be using one,” acknowledges Lujo Bauer, a security researcher at Carnegie Mellon University.
- LastPass: free, and provides a random password generator
- Dashlane: $40 per month for all devices
- 1Password: 30-day trial, then $2.99 per month.
- KeePass (or KeePassX for Mac users): free, but this one is less user-friendly than the others and may require a little research to get it set up.
Why do you need a password manager? Because you need to…
2: Use different passwords for every account
I know. I hate it when a site imposes some weird rules for password complexity, like “at least 14 characters, with one capital letter, one special character, one number, one hieroglyph, and a partridge and a pear tree.” If someone gets into your Pinterest account, it isn’t the end of the world. But if they know your Pinterest password, and that is the same as every other account you have (including online banking and credit, Amazon, PayPal, FAFSA, etc.), you might have full-blown identity theft on your hands. Some of the major data breaches lately have involved the password databases of major companies, leaving millions of people vulnerable. If those people had the same password for several other accounts, the cyber criminals could quickly and easily steal identities without even a “who goes there?”
3: 8 characters is the bare minimum, but 12 and up is better
I know. I know. 8 characters is bad enough, how am I supposed to remember 12? Ideally, you would have something more like 14 to 20. But this is where the password manager comes into play. If you don’t have to remember more than one password, there is nothing stopping you from adopting the longest, most unfathomable string of characters ever seen by human or machine. Which is great, because…
4: You need the most unfathomable string of characters ever seen by human or machine
Passwords shouldn’t be easy to guess. I hope by now you know not to use names, birthdates, or “password.” But password cracking software is becoming more sophisticated, and so passwords need to evolve as well. Attacks often involve software that can quickly try a list of common passwords, phrases, and combinations of words, so the less sense your pass phrase makes, the better. That’s right; pass phrase. 4 to 6 words (in an order that makes no grammatical sense) is better than a sentence or a single word. A string of letters, special characters, and numbers is even better than a pass phrase.
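To make the comparison between pass phrases and random strings concrete, here is an added example (not part of the original post) that generates both with Python's `secrets` module and estimates how hard each is to guess, in bits of entropy. The function names, the 16-word `SAMPLE_WORDS` list (constructed for the demo) and the 7776-word list size (the size of Diceware-style lists) are assumptions.

```python
import math
import secrets
import string

# Character pool: letters, digits and punctuation (94 printable ASCII symbols).
ALPHABET = string.ascii_letters + string.digits + string.punctuation

# Constructed 16-word sample list so the block runs offline. A real list
# should hold thousands of words (Diceware-style lists hold 7776).
SAMPLE_WORDS = ["anchor", "biscuit", "cobalt", "dune", "ember", "fjord",
                "gravel", "harbor", "icicle", "juniper", "kettle", "lantern",
                "mango", "nickel", "orchid", "pebble"]


def random_password(length=16):
    """Pick each character independently using the OS secure random source."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def random_passphrase(words=SAMPLE_WORDS, count=5, sep=" "):
    """Pick each word independently, so the order follows no grammar."""
    return sep.join(secrets.choice(words) for _ in range(count))


def entropy_bits(pool_size, picks):
    """Entropy when each of `picks` items is drawn uniformly from the pool."""
    return picks * math.log2(pool_size)


if __name__ == "__main__":
    print(random_password(16))
    print(random_passphrase(count=5))
    for n in (8, 12, 20):
        bits = entropy_bits(len(ALPHABET), n)
        print(f"{n}-character random string: {bits:.1f} bits")
    for n in (4, 6):
        # Assumes a 7776-word list, not the small sample list above.
        print(f"{n}-word pass phrase: {entropy_bits(7776, n):.1f} bits")
```

Under these assumptions, a 12-character random string (about 78.7 bits) is roughly on par with a 6-word pass phrase (about 77.5 bits), and the figures only hold when the characters or words are chosen by the generator rather than by a person.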
Keeping your information safe isn’t hard, but it is definitely something that requires thinking ahead. Do you use a password manager? If not, what tricks do you use to remember your passwords? Tweet at me!