Nearly all our activities online require a login of some sort. Whether it is to check our bank accounts, pay bills, or check our email and social media feeds, you will have to provide your login credentials before access is granted. However, as the number of logins required increases, so does the number of passwords you will need to keep up with.

Today’s subject for National Cyber Security Awareness Month is on the modern password. To protect your online accounts from being hackable, it’s not just about making passwords for all your logins. It’s about making unique, strong passwords for every login. Keeping up with multiple passwords can be frustrating, especially with login requirements becoming more complex in today’s landscape.

Here are some tips for creating strong passwords and how to keep them safe.

What makes a password “acceptable?”

Many websites and apps have a set of requirements for creating an account. Typical requirements include, but aren’t limited to:

  • Being at least 6-10 characters long
  • Must include uppercase and lowercase letters
  • Must include non-alphanumeric characters (such as symbols)

And these are just the base requirements. Sites may also require you to create a special keyphrase or answer a security question in case you forget your password. It’s best to be as creative with your passwords as possible so they are not easily guessable, but not so random that you cannot remember them. Using passphrases and acronyms that are unique to you is also good practice.

These are the 20 most used passwords in the world as of April 2019. Consider this a guide to what NOT to base your passwords on.

Whatever you do, do NOT do any of the following when making your login passwords:

  • Use actual names, places, or recognizable things. This includes pet names, high schools, birth dates, anniversaries, or even previous online handles.
  • Use a simple character sequence. Some of the most used passwords are simple keyboard sequences such as “123456” or “qwerty.” Numerical sequences on your 10-key pad, such as “7410” or “789456,” should be avoided as well.
  • Use easy, common phrases. We mentioned using passphrases but make sure they are not simple ones such as “iloveyou” or “darthmaul.”
  • Continue using the default passwords given upon sign-up. Some logins will provide a password for you but do not automatically require you to change it upon login. Always change these default passwords, such as a default Wi-Fi password when you get a new modem or router.
  • Use the same passwords for multiple logins. This is a doozy. You need unique passwords for EVERY login, as using the same passwords for multiple sites makes you vulnerable should one of those sites get breached. If one is compromised, they are all potentially compromised.
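
The checks above can be automated. The following Python sketch is an added example, not part of the original article: it tests a password against the typical requirements and the pitfalls listed here, including keyboard and 10-key pad sequences and reuse across logins. The minimum length of 10, the US QWERTY layout, the 50% threshold, and the short list of common passwords (taken from the examples quoted in this article) are assumptions.

```python
# Constructed sample list: the weak examples quoted in the article.
COMMON = {"123456", "qwerty", "iloveyou", "darthmaul"}
# Assumption: US QWERTY rows plus 10-key pad rows and columns.
RUNS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm",
        "789", "456", "123", "7410", "8520", "963"]
RUNS += [r[::-1] for r in RUNS]  # also catch sequences typed backwards

def longest_run_at(s, i):
    """Length of the longest keyboard/keypad run starting at s[i]."""
    best = 0
    for run in RUNS:
        for start in range(len(run)):
            n = 0
            while (i + n < len(s) and start + n < len(run)
                   and s[i + n] == run[start + n]):
                n += 1
            best = max(best, n)
    return best

def walk_coverage(pw):
    """Fraction of pw made up of runs of 3 or more adjacent keys."""
    s, i, covered = pw.lower(), 0, 0
    while i < len(s):
        n = longest_run_at(s, i)
        if n >= 3:
            covered, i = covered + n, i + n
        else:
            i += 1
    return covered / len(s) if s else 0.0

def check_password(pw, min_len=10):
    """Return the list of problems found; an empty list means none."""
    problems = []
    if len(pw) < min_len:
        problems.append("too short")
    if not (any(c.isupper() for c in pw) and any(c.islower() for c in pw)):
        problems.append("needs upper and lowercase letters")
    if all(c.isalnum() for c in pw):
        problems.append("needs a symbol")
    if pw.lower() in COMMON:
        problems.append("commonly used password")
    if walk_coverage(pw) >= 0.5:  # assumed threshold: half the password
        problems.append("keyboard sequence")
    return problems

def find_reuse(logins):
    """logins maps site -> password; return groups of sites sharing one."""
    by_pw = {}
    for site, pw in logins.items():
        by_pw.setdefault(pw, []).append(site)
    return [sorted(sites) for sites in by_pw.values() if len(sites) > 1]
```
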

You have so many passwords now. How should they be preserved?

In this age of cyber-crime and identity theft, keeping your passwords on a pad of paper, sticky notes, or an online document just won’t cut it, no matter how indecipherable you might think they are. Even worse, depending on your organization, leaving login credentials out in the open could count as a HIPAA violation, which may incur a hefty fine.

No. Just no. Keep your logins archived in a secure place or consider using a password manager for your logins.

But are password managers safe to use?

Password managers keep your passwords under one encrypted roof and generate strong passwords to insert automatically when logging into different websites. Password managers only require you to recall one master password for sign-on and give you the ability to easily maintain all your login credentials.

It’s understandable to have reservations about having a “master key” to your logins in the hands of a third-party company. Most password managers encrypt and store your master password locally, not on a remote server. If it is on a server, it's not readable by the company. Many password managers such as LastPass and Dashlane have free versions but offer additional features for paid accounts such as secure file storage, Multi-Factor Authentication, and VPN capabilities.

Strong passwords = Strong defense.

Gone are the days of thinking that it’s safe to use only letters for passwords and to share them across sites. Make sure that you are going the extra mile in ensuring that you #BeCyberSmart and lock down your login by protecting your passwords for every login.

neoRhino’s Security Awareness Team, certified IT consultants, and 24/7 helpdesk squad are here to help strengthen your online defenses. You can visit our homepage, see more about The War on CyberSecurity, or give us a call at (281) 779-4850, and we can manage your technology so you can manage your business.
