How secure are your internet passwords?
I read the other day that the average internet user has 25 accounts to maintain. Apparently, I am way above average because I have nearly 200 passwords in my password app. And that doesn’t include the accounts I manage for my clients.
As you might imagine, password security is a big deal for me. While I admit that I don’t have different passwords for all of my accounts, I am not like the average user who manages their 25 accounts with only 6.5 different passwords. Having more secure passwords may not seem like a big deal to you. But with the exponential increase in identity theft and data breaches, not following these nine rules for more secure passwords could be putting your personal and financial information at risk.
Change your essential passwords at least every 90 days.
This may seem like a bit of a hassle, but changing passwords on a regular schedule can help keep your account secure, especially accounts that limit you to short passwords that contain only numbers and letters.
Make your passwords at least twelve characters long—and longer if you can.
Longer passwords are generally much harder to guess or to hack. When it comes to passwords, longer is definitely better.
Use different passwords for each account, especially critical accounts.
Hackers often go after low-security websites first. Once they’ve hacked in and gotten log-in information there, they try out those passwords on higher security sites that are more likely to contain critical information.
Use symbols, upper- and lower-case letters, and numbers in your passwords.
Using more different characters and types of characters in your password increases its difficulty, making it harder for hackers.
Don’t use the names of your family members, pets & other easy-to-guess words.
It doesn’t take a genius to learn all these words from a peek at your social media accounts. Also, don’t use your birthdate, anniversary, phone number or address in your password.
Whenever possible, create a “passphrase” instead of a password.
A passphrase could be 20 characters or longer, and is generally a sentence or series of words strung together, with symbols and numbers substituted for some of the letters. Think of a phrase that would be easy for you to remember, but wouldn’t make sense to anyone else. For example, [email protected] It’s an easy phrase to remember, but it’s going to be really hard for anyone to guess. (No, it’s not one of my passwords, so don’t bother).
Consider using a Password Manager
A program like LastPass or Dashlane can help you maintain strong, secure, unique passwords for all your accounts without having to remember each one. You can find a review of the top 10 password managers for 2018 here.
Don’t fall for a phishing attack.
Be wary of clicking on links, even in your email (especially in your email) that ask you to log in to one of your accounts, update or confirm a password or provide any other personal information. Hackers are getting more clever all the time, and these emails can look absolutely legitimate. If you receive such a notification and aren’t sure, visit that website by manually typing in the address that you have used in the past. Verify that it is indeed your service provider that is requesting the change before providing information. These phishing attacks can also come by text message as well.
If your password is on the list below, go change it now.
The infographic below is the 2018 list of most-hacked passwords. If you recognize any of these as one of your passwords, it’s time to change.
I can’t guarantee that you’ll never be hacked, but I can promise you that following these nine simple steps will help you create more secure passwords and have a more secure online presence. Knowing that you’ve done all you can should give you a little online peace of mind, and that is a good thing.