Password protection checklist
How secure is your password? How much attention do you pay to how you create your passwords? If you are like me, then for some time you’ve probably been using keywords that mean something to you like a birthday, pet’s name, or some other familiar character strings and you’ve felt safe. But now it's 2020, AI in cybersecurity and really smart and cunning individuals are giving security a different meaning.
Now your basic passwords which you thought were safe and probably used across multiple platforms is no longer safe, in a day or less, some offender with some tool out there has your password, logs into your account and before you know it, you’ve made transactions halfway across the world. The good news, big software companies have got your back and are putting measures in place to ensure some random user doesn’t suddenly gain access to your account. However, you need to enable this to happen by using the standard guidelines for password protection.
Here are a few things to check on your password protection cart. This will enable you to ensure that your passwords are safe and free to use on your devices and no one without appropriate authorization can gain access to them.
- Use appropriate characters: Easy passwords such as “123456”, “password”, and “jane1991” are a good no-no when it comes to password creation. You might think “pass12word” is a good option for some weird reason, please don’t. Simple dictionary attacks can easily reveal these kinds of passwords in seconds. Using simple words or numbers alone should be avoided rather a good option is to create a sequence of these characters mixed with numbers and special characters. A good example is “pass3$2#$word” or “pass37#12%&word$”.
- Use long passwords: Most websites will tell you to select a password of at least 8 characters. But let’s not make it easy for attackers to guess just how long our passwords might be. Don’t just do the minimum pick a number greater than that by whatever factor you decide, and if possible vary the lengths for different accounts.
- Use different passwords for different accounts: As tempting as it is to use the same password on multiple accounts. Avoid this as much as possible, in a situation where an attacker gains access to one of your accounts, you want to make sure your other accounts are disjointed and cannot be accessed by that same passwords such that a breach in one account is completely isolated from all others. Upon consideration of this, you might become worried about how you would remember all these passwords, and no, writing them down is not an option.
- Get a password manager: Meaning that on the off chance that one of your passwords does get caught up in an information breach, a password manager ensures that offenders won’t have the keys to the rest of your online administrations. The leading ones sync over desktop and versatile and have autocompleted features. Presently, instead of having to memorize handfuls of fastidiously created passwords, you got to keep in mind one ace key. Now all you have to bother about is how to keep your password manager password as secure as possible. Browsers have their own internally available password management system but I wouldn’t recommend you trust this entirely. As convenient as they are, the underlying security is usually undocumented. Good options include 1password, LastPass, or Dashlane.
Note: Please do not use any of the above passwords as they have used here in the public domain.
- Use Two-Factor Authentication: Wherever possible and available use two-factor authentication. Security is never a clear cut thing, we can never be too careful, adding another layer of security is always well-welcomed. By using two-factor authentication you are connecting your phone through SMS or google authenticator and if you want to step it up, you may use YubiKey. This will allow you to confirm every authentication request before it goes through is a pretty way to tell when someone else is trying to login into your account.
If you are missing any one of these you had better get cracking, in creating much more authentic and unique passwords to protect yourself. You might not need it but there’s someone close to you who will.
“A chain is only as strong as its weakest link”
Security is everybody’s business. Please share!