It doesn’t matter how secure your computer’s encryption, firewall, and antivirus programs might be if you have a bad password. Often a bad password can be the point of failure in internet security, where a hacker can easily slip past otherwise unbreakable encryptions simply by running a simple password guessing program. It’s important, therefore, to pay careful attention when choosing your password to make sure that it won’t be easily cracked.
Here are some steps to take when deciding on a new password to make sure it’s as secure as possible.
The first and most important aspect of choosing a password is making sure that it’s complex enough. This doesn’t necessarily mean a random password, but there are a few things you can do. Your password should be as long as possible, preferably as long as you are allowed to make it. It should also contain numbers, letters, and symbols. If allowed, you should include both capital and lowercase letters.
These things increase the number of possible passwords you could have, which is important in thwarting a hacker who uses the “brute force” method, which involves having a computer program guess every possible password until it finds the correct one.
If you’re having trouble coming up with good passwords on your own, there are free online password generators that will do the job for you. I use one called Strong Password Generator. It will create a random password of up to 30 characters.
Don’t Use Regular Words or Personal Information
Another important aspect of choosing a secure password is making sure not to use dictionary words, or personal information about yourself – like your name, birthday, or names of friends, family, or pets. Two common types of attack are an information attack, in which the hacker guesses variants based on information they can find about you on the internet (like Facebook), and a dictionary attack, in which the program performs a brute force attack based on words found in a dictionary and common letter/number replacements. A dictionary attack would crack the passwords “apple” or “4pp13″ very quickly, for example.
Different Passwords for Different Sites
To make sure to keep your passwords safe, it’s important to use a completely separate password for every site you visit, especially for important things like your email and bank account. If you use the same password for your bank account and a forum you visit, it’s possible that the forum will be attacked by a hacker, and they will recover the password you used there. They could then use that password to break into your bank account.
Keeping Track of Your Passwords
If you find it difficult to remember all of those different passwords, there are programs called password managers which can help keep track of them for you. They will often provide a way to randomly generate a good password for every site you visit, and then remember them for you. To access the password manager you type in just one password, and then it will provide the passwords for everything else.
Having been online for many years, I have literally hundreds of passwords to keep track of, and I use a popular password manager called Roboform. They have a free trial available if you’d like to try it out.
As you can see, there are a lot of tricks to making a good password that many people wouldn’t think about. Make sure to remember all of the above when you’re making your next password to ensure that your password isn’t the weak link that lets a hacker get to your personal information.
Here is a list of some basic do’s and don’ts of password management.
- DON’T use personal information for your passwords. Common personal information includes name, initials, name backwards, birthday, kids’ or pets’ names, car make and model, etc.
- DO use a series of random letters and numbers, preferably with punctuation in it. It may be impossible to remember this way, but you can always save it somewhere and cut and paste when you need to log in.
- DON’T choose a word that can be found in a dictionary, an expression someone might know, or a sequence of letters or numbers (for example, ‘12345’ or ‘Fido’). However, it’s okay to use the first letter of each word of a song line or a phrase. An example would be to use ‘IWTHYH’ from the Beatles’ ‘I Want to Hold Your Hand.’
- DON’T use the same password for multiple sites. For example, the same password for your email, Facebook account, and bank account. If hackers obtain your Facebook password, they’ll have access to your bank account. This is a common mistake and hackers know that people make it.
- DON’T share your passwords with friends. You may trust them, but once a password is given out, it’s out of your control.
- DON’T forget to periodically change your passwords. If you change them regularly, there’s less chance that a hacker will be able to use a password if they do find it. Change your password anytime you haven’t logged in to a site for a while. If it’s a site where you log in often, get into a routine of changing your password every few months.
- DO assign separate passwords for friends, business partners, virtual assistants and others who need access to your accounts. Maintain control over what each person can access with their password.
- DO assign temporary passwords when you want to give someone access to your account. Delete the passwords afterwards.
- DON’T stay logged in to sites. Log out each time you leave. While you’re logged in, your account’s security is compromised. If the network is unsecure, your account is open to attacks. Don’t use the ‘remember me’ function some websites have. If you log in often, you can use a password manager like Roboform to make it easier.
- DON’T access password accounts through an unprotected Wi-Fi network. If you want to be on the safe side, avoid logging in on a wireless network at all, even if it’s secure. It’s always better to be too worried about password protection than to end up losing your whole business or private information to a hacker. But if you follow these basic guidelines and develop good password habits, you can keep your accounts safe.
It takes sophisticated tools to keep your website safe, but proper password management can also make a tremendous difference. It’s incredibly easy to learn good password habits and it will save you a lot of headaches down the road.