How to Secure Your Passwords to Stay Safe
Passwords are the first line of defense against cyber criminals. It’s crucial to pick strong passwords that are different for each of your important accounts and it is good practice to update your passwords regularly. Follow these tips to create strong passwords and keep them secure.
Use a unique password for each of your important account
Choosing the same password for each of your online accounts is like using the same key to lock your home, car and office – if a criminal gains access to one, all of them are compromised. So don’t use the same password for an online newsletter as you do for your email or bank account. It may be less convenient, but picking multiple passwords keeps you safer.
Keep your passwords in a secret place that isn’t easily visible
Writing down your passwords isn’t necessarily a bad idea. But if you do this, don’t leave notes with your passwords in plain sight, on your computer or desk.
Use a long password made up of numbers, letters and symbols
The longer your password is, the harder it is to guess. So make your password long to help keep your information safe. Adding numbers, symbols and mixed-case letters makes it harder for would-be snoops or others to guess or crack your password. Please don’t use ‘123456’ or ‘password,’ and avoid using publicly available information like your phone number in your passwords. It’s not very original, and it isn’t very safe!
Try using a phrase that only you know
One idea is to think of a phrase that only you know, and make it be related to a particular website to help you remember it. For your email you could start with “My friends Tom and Jasmine send me a funny email once a day” and then use numbers and letters to recreate it. “MfT&Jsmafe1ad” is a password with lots of variations. Then repeat this process for other sites. Set up your password recovery options and keep them up-to-date
If you forget your password or get locked out, you need a way to get back into your account. Many services will send an email to you at a recovery email address if you need to reset your password, so make sure your recovery email address is up-to-date and an account you can still access.
Sometimes you can also add a phone number to your profile to receive a code to reset your password via text message. Having a mobile phone number on your account is one of the easiest and most reliable ways to help keep your account safe.
For example, service providers can use the phone number to challenge those who try to break into your account, and can send you a verification code so you can get into your account if you ever lose access. Giving a recovery phone number to Google won’t result in you being signed up for marketing lists or getting more calls from telemarketers.
Your mobile phone is a more secure identification method than your recovery email address or a security question because, unlike the other two, you have physical possession of your mobile phone.
However, if you can’t or don’t want to add a phone number to your account, many websites may ask you to choose a question to verify your identity in case you forget your password. If the service you’re using allows you to create your own question, try to come up with a question that has an answer only you would know and isn’t something that you’ve posted about publicly or shared on social media.
Try to find a way to make your answer unique but memorable – you can do this by using the tip above – so that even if someone guesses the answer, they won’t know how to enter it properly. This answer is very important for you to remember – if you forget it you may never be able to get back into your account.
Little known Tips
- Use a passphrase: Instead of using a single word for your password, consider using a passphrase consisting of multiple words. Passphrases are longer and more secure, and easier for you to remember. For example, “SunsetLionEatsPizza” is stronger than a single word like “password”.
- Utilize password managers: Password managers are tools that securely store and manage your passwords. They generate strong, unique passwords for each of your accounts and store them encrypted. This way, you only need to remember one master password to access all your other passwords.
- Enable two-factor authentication (2FA): Whenever possible, enable 2FA for your accounts. This adds an extra layer of security by requiring a second verification factor, such as a temporary code sent to your mobile device, in addition to your password.
- Avoid common substitutions: Avoid predictable substitutions like using “1” for “i” or “3” for “e” in your passwords. These substitutions are well-known and can be easily guessed by attackers.
- Don’t reuse passwords: Reusing passwords across multiple accounts increases the risk of a security breach. If one account is compromised, all other accounts with the same password become vulnerable. Always use unique passwords for each account.
- Consider using a password formula: Create a password formula that includes elements specific to each website or service. For example, you can use the first three letters of the website’s name, combined with a memorable phrase and a special character. This way, you have a unique password for each site, but a consistent method to help you remember them.
- Be cautious of password hints: Avoid providing obvious or easily guessable password hints. Often, password hints can inadvertently reveal information that makes it easier for attackers to guess your password.
- Regularly update and strengthen passwords: It’s important to periodically update your passwords, especially for critical accounts. Aim to change your passwords every three to six months or when you suspect a potential compromise. Additionally, make sure to strengthen your passwords with a combination of uppercase and lowercase letters, numbers, and special characters.
- Be wary of shoulder surfing: When entering your password in public spaces, be cautious of people nearby who may be watching your keystrokes. Shield your password entry to protect against potential shoulder surfing attacks.
- Stay informed about emerging threats: Stay updated on the latest security practices and news regarding password security. This will help you adapt to new threats and implement additional measures to protect your passwords effectively.
Conclusion
Creating a strong password a smart idea, to safe and secure yourself online, i would recommend to use password manager like Last-pass which is pretty handy and secure to store your all password with a Master Last Pass Password.