How to Create a Secure Password
There is no such thing as a totally secured password. There are only passwords that are more and less secure. Passwords are the easiest, most effective and convenient way that the ‘bad guys’ can access your accounts. Most people don’t know the most common techniques for obtaining passwords, but several are explained, below:
- Dictionary Attacks: There are some online tools that make cracking a password almost effortless. These free tools allow for dictionary attacks, which use common words to automatically fill in password fields until it finds the right one. So, do not use slang terms, dictionary words, words spelled backward, or common misspellings. Also, avoid easy to guess keyboard combos, such as lkjhg or qwerty.
- Simple Passwords: A couple of years ago, there was a massive breach, which exposed more than 32 million passwords. Approximately 1 percent of the victims were using 123456, and the most common password after that was 12345. Other common choices were abc123, qwerty, princess, and 111111.
- Cracking Security Questions: When you choose the “Forgot Password” option on websites, you are asked to answer questions to verify that you are who you say you are. Many people use the names of their kids, pets, spouses, or other easy to guess answers. Hackers can deduce these answers with only a little bit of research, such as accessing your social media account to find the name of your spouse. They then put that into the answer space and have access to your password.
- Social Engineering: Social engineering is the practice of manipulating others into doing certain actions or offering confidential information. This can be used by the bad guys to trick people into giving up their passwords.
- Reusing Passwords Across Several Sites: When a hacker gets access to just one of your passwords, they know that they can likely hack into your other accounts. Why? Because 31 percent of us use the same password for multiple sites. Not only can this lead to identity theft, it can also lead to a stranger accessing things such as your bank account.
I have confidence that we will develop a truly secure password at some point, but in the meantime, create the most secure password possible.
Even More Tips for Making Your Password Safer
- Use different passwords for every account that you have.
- Log off each time if using a public device or if people are around who can see your password.
- Make sure that no one is watching you enter a password.
- Try not to enter passwords into public computers, such as at the library. These often have malware on them that steal passwords.
- Use security software and update it regularly.
- Do not give your password to anyone. Though you might trust them now, there is no guarantee that they will always have your best interest in mind.
- Avoid entering any password into a device when connected to an unsecured Wi-Fi connection, such as at a coffee shop or airport.
- Strong passwords are hard to guess but easy to remember. For instance, “I am happy to be 28!” could be 1am:)2b28!.
- Use a minimum of eight characters and mix up numbers, letters, and symbols in the password.
- Depending on how sensitive the information you have is, you should change all passwords periodically, and then avoid reusing them for a minimum of a year.
- Have fun with phrases such as “To be or not to be.” This could be 2borNot-2b.
- Check the strength of your password. If websites offer a password strength analyzer, make sure to listen to its advice.
- Feel free to write down your passwords, but make sure they are not near your computer. Instead, put them in a secure location.
- Write down clues to help you remember your password. For instance, “To be, or not to be” might be the clue.
- Use your keyword as a palette to create a shape that is easy to remember. For example, @wsXdr5 makes a V-shape when you start with the @.
Social media has undergone an evolution and is now the fifth major form of media to join radio, television, Internet, and print. While social media does use the internet, there is no denying that it is its own entity. It also encompasses the other forms of media in a neat, tight package.
With this explosive growth, a couple of social networking sites, such as Twitter and Facebook, have risen to the top of the pile, and each of these fight to become the fastest, strongest, and largest social media site on the web. They also want you to use the name and password you use on these sites to log into other sites. Webmail providers, such as Yahoo and Google, also want you to do this, which is why you will often see that websites will give you the option to log in with Facebook or Google.
The same process is also used to link from one social media community to another, and this allows you to cross-post from Facebook to Instagram, for instance. The idea behind the concept of social registration is that all users have an established identity that they use online. As the months and years pass, the user’s identities in each platform or community begin to merge, which allows us to shop, communicate, and connect to another device. This also allows you to move from one website to another when logging in only once.
All of that being said, I rarely engage in this type of social registration. If even one of these accounts is compromised, and it links to others, then the hacker has access to a number of accounts with only one hack. If accounts are low on the security value, then it may not be a huge deal, but when email logins and passwords are involved, the risks rise. There are definitely some security measures, of course, I just don’t trust them.
Think of it like this: can you log onto your bank via Facebook? I didn’t think that was the case. So, whenever possible, try to create new usernames and passwords for all accounts instead of using your Google and Facebook credentials to log in.
What You Should Know About Password Managers
You have probably noticed that almost every website on the internet requires a password. In fact, at least twice a week I get an email from someone I know who wants me to join a new network…and, you guessed it…these networks require a username and password. You can use the same password for all of these, of course, but you are only asking for trouble.
The best way to deal with password management is to make the small investment into purchasing a password management service that will store your passwords in both the cloud and your computer. The best thing about these is that you will only have to remember one master password, and that will give you access to the rest of your passwords. Here’s what to look for in a password manager:
- A password generator tool that allows you to make passwords that can’t be cracked. You also won’t have to remember these passwords because they are all stored in the manager.
- One that can sync across multiple PCs and multiple browsers.
- A smartphone app that syncs with the cloud.
The security of password managers is almost a non-issue at this point, as most of them have such high levels of encryption that are extremely difficult to crack.
The real vulnerability that you will experience when using a password manager is with your personal computer and any malware that can take a screenshot or keystrokes. Make sure that you are running virus scans and update your antivirus software to prevent infections.
Another thing that you can do is to use the onscreen keyboard to enter passwords instead of the keyboard itself. This helps you to avoid tracking. Here are some of the cloud-based password managers that I like:
Roboform is a great manager. It costs about $10 for the first year, and then $20 every other year after that. You can install Roboform on as many devices as you want, all with a single license. This program keeps all of your passwords backed up, it is secure and easy to use.
Keepass is a free, open-source software that manages your passwords securely. You can store them all in a single database, which you can lock with a master key. So, you will only have to remember one password. The Keepass databases are encrypted and they use Twofish and AES, two of the most secure algorithms available. Another free program with an upgraded version is called LastPass.
This program creates unique, strong passwords, and then remembers and restores them in your web browser for less than $50.
Using these password management tools is extremely easy, and you will never take the chance that you will forget a password every again. You can easily log into any internet site with only a single click of the mouse.
These programs automatically sync your password data, so you can access them from anywhere whenever you need them. They are also safer than not having one, and they help to protect you from online fraud, phishing scams, and malware. They are also extremely secure, and all of your data is locally encrypted on your PC, an only you have the power to unlock it.
Remember, most of us do not have the resources, time, or knowledge to protect our identities. Unfortunately, we cannot prevent identity theft, which is why it is best that we do all that we can to lower the risk. Do this by investing in identity theft protection.