Password security is a vital part of your professional and personal life. It is easy to overlook password management when you’re focusing on everything else going on, but it is too important to be forgotten. Here are a few tips to remember when dealing with passwords.
Why Password Security is Important
Norton reports that 68% of people reuse passwords for different accounts. It comes as no surprise, then, that in 2021 alone, businesses and individuals lost almost $4.2 billion to cybercrimes. From 755 data breaches in 2021, there were 1.7 billion exposed credential pairs (email/username and password). Furthermore, in 2021, 70% of people who had passwords exposed in previous years were still using the same credentials as they had before the breach.
There are numerous potential consequences of poor password management, but the two biggest ones are cybersecurity threats and financial issues. Cybersecurity threats come in the form of data breaches, identity theft, computer hijacking, blackmail and a loss of privacy. Cybercriminals can also make a significant profit by accessing banking accounts or committing ransomware attacks.
Secure Password Recommendations
Long & Random: The longer a password is, the more secure it is and the harder it will be for hackers to crack. At the absolute minimum, the password should be 6 characters. However, almost all resources stated that this was far too short and that closer to 16 is ideal.
In addition to using long passwords, include numbers, special characters/symbols, and uppercase and lowercase letters. Here is a generator that I have used to create new, secure passwords for my personal and business accounts. If you use a password manager of any kind, check the features to see if they include a generator; many of them do! I have also used this passphrase generator.
Passwords consist of a single word or string of characters, while passphrases are a sequence of multiple discrete words. It is more secure to use a random set of words rather than words that often go together, because of dictionary attacks. Dictionary attacks consist of testing all actual words as well as common combinations of those words as potential passwords. Want to make sure your password or passphrase is secure? Try a password strength meter like this one from Password Monster.
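The gap between a 6-character password, a 16-character random password and a random passphrase can be put in numbers. The Python sketch below is an added example, not part of the original article or of any tool it links to; the word list is a constructed sample, and the 7776-word list size used for comparison is an assumption.

```python
import math
import secrets
import string

# Constructed sample word list for illustration only. A real passphrase
# generator needs a list of several thousand words.
SAMPLE_WORDS = [
    "anchor", "biscuit", "cobalt", "dune", "ember", "fjord", "gravel", "harbor",
    "icicle", "jigsaw", "kettle", "lantern", "magnet", "nutmeg", "orchid", "pebble",
]

# Upper and lowercase letters, digits and symbols, as the article recommends.
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def entropy_bits(pool_size: int, picks: int) -> float:
    """Bits of entropy when each of `picks` items is chosen uniformly and
    independently from `pool_size` options."""
    return picks * math.log2(pool_size)


def random_password(length: int = 16) -> str:
    """Random password drawn from the OS CSPRNG (secrets), not `random`."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def random_passphrase(words=SAMPLE_WORDS, count: int = 6, sep: str = "-") -> str:
    """Passphrase of independently chosen words. Independent picks are what
    keep it out of reach of guesses built from common word combinations."""
    return sep.join(secrets.choice(words) for _ in range(count))


def compare() -> dict:
    """Entropy for the article's 6- and 16-character lengths, and for a
    six-word passphrase from the sample list versus an assumed 7776-word list."""
    return {
        "6 chars": entropy_bits(len(ALPHABET), 6),
        "16 chars": entropy_bits(len(ALPHABET), 16),
        "6 words / 16-word list": entropy_bits(len(SAMPLE_WORDS), 6),
        "6 words / 7776-word list": entropy_bits(7776, 6),
    }


if __name__ == "__main__":
    print(random_password(), random_passphrase())
    for label, bits in compare().items():
        print(f"{label}: {bits:.1f} bits")
```

The figures only hold when every character or word is picked at random; a phrase of words that commonly go together has far less entropy than the formula suggests.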
Double the Protection: As an added layer of security, many websites and applications now require multi-factor or two-factor authentication as part of the login process. It adds a small extra step in the login process but is absolutely worth the time.
Completely Unique: Every single account you have credentials for must have its own, unique password. Norton found that, in 2021, 64% of consumers with more than 1 password exposed were using the same passwords across multiple accounts. Hackers take advantage of this fact and often use credential stuffing. This means that once a login name and password are exposed in a data breach, criminals will try that combo many more times across the web.
Avoid Using Personal Details: Don’t use personal information in your passwords. This means that details such as your name, birthday, names of family members, hobbies or important dates should not be included in your passwords. Most of these can be found via online profiles and social media and will be easy targets for hackers attempting to figure out your password.
Change Your Password Regularly: There were some discrepancies between opinions regarding how often one should change their passwords. Recommendations run from every 3 months to at least once a year. However, Consumer Reports suggests that you only need to change your password if there is any possibility of a data breach. Regardless, changing your password regularly can only improve your password’s security. It may be helpful to set a regular reminder on your phone or computer. We ask our clients to change all passwords quarterly.
Never Share Your Password…EVER: Your password should be yours and yours alone. Don’t send it through email or store your password in a document. It is easier to “socially engineer” your password (for instance, by pretending to be someone official requiring your password) than to obtain it through hacking methods.
Secure Your Reset Options: Ensure that the questions and answers you have selected to reset your password are not based on easy-to-find information, as this could be another way to break into your account without even needing your password.
Use a Password Manager
No one can remember a large number of complex, random passwords without some way to keep track of them. Using a password manager can be invaluable in maintaining secure passwords. Use a password manager to create, store and monitor passwords. Many password managers also include built-in generators to randomly provide complex passwords and then save them directly to your password list. You only have to remember one password this way. Just make sure it is a good one!
I use LastPass Premium to manage both my personal and business-related account information. I have it installed on all of my devices and in my browser so when I visit a website or use an application that requires login information, it automatically fills in the associated credentials.
Here is an excellent article from Wired that breaks down some of the best managers out there. Be sure to do your research so that you’re familiar with the security features and reputations of each and can make the best choice for your needs.
Some of these suggestions may seem like common sense, but considering that 23 million account holders were using the password “123456” in 2021, it never hurts to state it again.
Password management can be a big job, but don’t stress! aJuxt can help. Contact us today to learn more.
Written by TinaKay Oliver || Google Analytics & SEO Consultant