You probably see articles about the importance of having better password security fairly often–and for good reason. Year after year, cyber security companies report that most computer users are choosing the same weak passwords, with passwords like ‘123456’ and ‘password’ ranking at the top of the list. With the rising threat of cyber crime, information leaks and data breaches, a strong password is your first line of defence.
Luckily, most web services are forcing their users to follow best practices by only allowing passwords with pre-set criteria or by analyzing passwords to see if they’re weak, fair or strong. Most services require a password that’s at least 8 characters long and contains an uppercase letter, a number and a symbol. While these requirements are useful, simply changing your password from “password” to “Password1!” doesn’t suddenly make your password much more difficult to crack.
5 tips for better password security
Tip #1: Choose a strong password
Cyber criminals gain access to victims accounts or data through social engineering. That’s because many of us naturally choose a password that personally relates to our lives. These types of passwords are easy for your friends and coworkers to guess, and something that cyber criminals may be able to find with some social media research. Don’t choose passwords that include the name of your pet, car, kids, spouse, city you were born in or your favourite sports team.
Hackers can also crack passwords through brute force, using tools that guess many combinations at once. Using passwords that are at least 12 characters long and have a combination of letters, numbers and other characters can help make your passwords more difficult to crack.
Tip #2: Create a password you’ll remember
Many computer security companies offer websites or tools that can generate randomized passwords for you. While these passwords are much stronger and harder to crack, they can also be difficult to remember. Having a password that’s difficult to remember usually means you’ll have to change it again in the near future, or you’ll have to write it down somewhere near your computer. Both of these situations are not ideal.
If you want to create a password that’s easy to remember, but hard to guess, try creating a password out of a phrase. Take a phrase that has meaning to you and use the first letter of each word to create the unique password. For example, the phrase “My dog is an 8 year old black labrador retriever named Barkley!” would become the password “Mdia8yoblrnB!”
Tip #3: Use different passwords and change them often
Having a strong password that you’ll remember is the easy part. The hard part is creating unique and strong passwords for all of your different online accounts. If you use the same password for multiple online accounts, you’re putting yourself at risk (especially if you’re using the same password for your social media accounts as you are for online banking). Having one account compromised could result in all of your accounts being compromised. That’s why it’s important to create unique passwords for each account and change them often.
Tip #4: Be aware of password save features
Having a strong password means nothing if you’re leaving your login information saved for your favourite websites. Most websites allow you to save your login credentials or automatically log in so that you don’t have to enter your username and password every time you visit. While this feature is convenient, it’s also risky. Never use this feature on a computer that’s shared with others, and even with your own computer, it’s best to avoid. Inputting your password every time you log in can also help ensure you don’t forget your password.
Tip #5: Be careful with password retrieval questions
Beyond passwords, it’s important to think carefully about your answers to security questions asked when you create a new account. These security questions are used to verify your identification when you want to reset your password. Unfortunately, they’re often standard and similar across websites. Questions like “where did you go to school?”, “where were you born?” or “what is your mother’s maiden name?” are easy to answer. They’re also relatively easy for cyber criminals to discover with a little social media research. If they can successfully answer these security questions, they could potentially reset your passwords and hijack your accounts.
When creating answers for security questions, try to come up with your own question rather than using the standard questions. That way you can use a question and answer that only you would know.
To help you follow all the tips we’ve outlined above, you may want to consider using password management software. Do some research to determine what password management software has the right solution for you and your business.
This blog is provided for information only and is not a substitute for professional advice. We make no representations or warranties regarding the accuracy or completeness of the information and will not be responsible for any loss arising out of reliance on the information. Terms, conditions and exclusions apply to coverage. See policy for details.