Password security has always been relevant, but it has become even more so in recent times as cybercriminals continue to think of new and innovative ways to hack accounts and steal your personal data. The good news is that there are actions you can take to help stop cybercrime in its tracks! Let’s find out how…
In this Article we look at some helpful tips and strategies for creating strong passwords to help keep your accounts, information, and devices safe.
Creating a Strong Password
When it comes to creating a strong password there are some tips you can follow to reduce your chances of an attacker accessing your information.
- Include a variety of random numbers, letters, and characters to ensure your password is more complex. This shouldn’t include references to personal information, for example, people’s names, addresses, dates such as birthdays, favourite sports teams, or phone numbers etc.
- Making passwords at least 16 characters long lessens the chance of a security breach.
- Hackers use malicious programs that can process every word found in the dictionary to crack passwords, so it is advisable to avoid the use of real words.
Use a Different Password for Every Account
Your password must be unique, and a different one used for each individual account and site you log in to. On average, people reuse the same password for 10 different accounts and don’t realise they are putting themselves at risk.
Even if you choose a password and then tweak it with a different number, or letter, and then use it for a different account, this is now also considered a bad idea. Once a password is breached, an attacker could quickly work out your similar passwords for other sites.
Passphrases are Stronger Than Passwords
As hackers can crack single words found in the dictionary as described earlier, as an alternative you can use a phrase as your password instead. As a warning, stay away from using quotes that people know or using your own personal information such as a pet or child’s name that could be easily guessed.
Pick something random that only you know. It doesn’t even have to be a phrase that makes any sense, random words are better. An example of a good passphrase might be ‘White Sun Rabbit Grass’.
Organising and Keeping Passwords Safe
Don’t write down your passwords and avoid sharing them with others as this subsequently compromises the cyber-safety of your personal accounts. We don’t want your data falling into the wrong hands!
If you struggle to organise and remember your passwords, then using a trusted password manager is a great option.
A password manager is a program that stores all your passwords for you in one convenient location with one master password used to access it. It is an encrypted vault that in most cases can also generate strong, unguessable passwords and then make sure they’re associated with the right websites. As some password managers are heavily encrypted, it can be a smarter alternative than storing them in a file on your computer or writing them down in a notebook.
There are several to choose from many have a free and a paid-for option. Most will have apps and browser extensions so you can use them on all your devices.
Maintaining Password Safety
We used to be told to change passwords regularly, and many organisations still enforce password changes in the workplace. However, the National Cyber Security Centre (NCSC) now explicitly recommends that you don’t change passwords – unless of course your password has been stolen. If your password hasn’t been used anywhere else or on another account, then it will continue to protect you.
Has Your Password Been Breached?
We have all seen on the news the huge data breaches that have taken place with large corporations. Your email addresses and passwords can end up on a database for others to steal.
You can check if one of your accounts has been compromised by visiting: https://haveibeenpwned.com/
When you enter your email address the website notifies you if an account associated with the email address has been compromised in any of the breaches it has data on. Don’t panic if you do find that your account has been breached, just make sure you change your password and ensure it isn’t being used on any other accounts.
Extra Protection with Two-Factor Authentication
For that second line of defence consider using 2FA (two-factor authentication). It is one of the best steps you can take to protect your account.
2FA means that if someone tries to log in from a device or an IP address you haven’t approved, it sends an SMS to your phone with a one-time code you need to type in before it will authenticate you. 2FA can also be used on apps such as Google Authenticator, an alternative option to SMS and can be accessed on other devices.
Staying Safe While Outside Your Usual Workspace
Many of us now work remotely or log onto the internet outside the safety of our home or place of work. If possible, avoid using public wi-fi as using this without a VPN opens you up to hackers tracking you and accessing your device data.
Final Thoughts
Password security is important, but it is just one element of many that you need to consider when planning your overall cyber security strategy. You will also need to consider other ways to protect your devices and systems against cyber-attacks online. We will talk more about this in one of our future Articles.
In the meantime, to find out more information about cyber security for your business, or to book a complimentary review of your current IT systems, please reach out to us by emailing info@piblu.co.uk or calling us on 0161 388 8188.
