5 Steps to Create Strong, Unique and Readily Accessible Passwords
But that’s only half of a reliable password management system. The other crucial factor is to have an organized system so that you can manage unique passwords for individual accounts, they remain secure, and are readily accessible when you need them.
Some of you might be thinking, “there’s no way I can remember so many passwords.” Or you might say to yourself, “I’ll never remember a password with random letters, numbers and symbols.” Unfortunately, that’s the thinking that yields simple and repetitive passwords that practically invite cybercriminals to steal your information.
Never fear. If you follow even some of the five recommendations below to create a
strong password and to effectively manage them, then you’ll be well on your way to
stay safer online and to reduce the risk that your information might be stolen.
Modern Day Cybersecurity Requires Strong and Unique Passwords
In the past, when records were kept only on paper, your personal information was as secure as the file cabinet or safe in which it was locked. There was no way that information could be shared without physically removing the paper.
Today, however, the information that was once limited to paper records only is kept on computers and servers, which are secured through encryption and other digital safeguards. The front door to that information, is your login. The lock on that door is your password – make it as strong as possible.
1. Create a long password.
Would you lock the front entrance to your house with nothing but a weak door chain? Hopefully, the answer is never.
Weak passwords are the No. 1 reason that an account becomes compromised.
According to Verizon’s 2017 Data Breach Investigations Report, 81 percent of hacking-related breaches leveraged either stolen and/or weak passwords. According to Google engineers, compromised passwords are the top way hackers gain access to accounts and all users.
So, what constitutes a strong password? In a word, length. The longer the password, the more secure it is. You might have heard that a strong password requires a combination of uppercase and lowercase letters, numbers, punctuation and other keyboard characters. But any short password is easier to hack than a long one.
A strong password should be the longest you can manage, but no less than 12 characters. It wouldn’t hurt to include a mix of upper and lowercase letters, numbers and symbols, but length is the most important factor.
2. Create a sentence and use first letters from each word.
One technique to create long, random passwords is to write out a sentence and then use the first letter from each word. For example:
This would be 1 example Of A sentence that could be (used for) a secure password.
Twb1eOAstcb(ufasp
Hackers who use computers to crack passwords often use programs that go through billions (or more) permutations until it finds the correct combination. The best defense against this type of “brute-force” attack is a long password.
You can use this ONLINE TOOL to determine how secure your password is. The 17-character password above would take a computer 93 trillion years to crack.
By comparison, the password fR$3]@Q1 (eight characters long with upper and lowercase, numbers and symbols) would take two days to crack. The password kdjzmpuelaqj (12 characters long with only lowercase letters) would take four weeks to solve. If you add one more letter to make kdjzmpuelaqjs, a 13-character password, it would take a computer two years before it could find the right combination.
3. Don’t use names, words, dates or patterns.
The federal government last year adopted new password guidelines that drops the need for “mixtures of upper case letters, symbols and numbers.” That makes creating longer passwords easier.
However, long passwords can still be easy to crack if they contain overused characteristics. Alvaka Networks, a provider of IT and network solutions, reported that research shows that weak passwords also include:
- Words;
- Names;
- Verbs;
- Colors;
- Animals;
- Fruits;
- “Love” phrases;
- Superheroes;
- Days of the week; or
- Keyboard or phone dial pad patterns.
So, don’t use passwords that contain 12345, qwerty, blueapple or fastelephant. Again, longer is only better if you refrain from using common elements.
4. Create a unique password for every account.
Committing to using a long password is a good start, but you’ll need to create a unique one for all of your accounts … or at least, the accounts that you care about and want to protect from hackers.
According to Dashlane, an online password management system, the average number of online accounts registered to one email address in the United States is 130.
Who can remember or keep track of that many passwords? It can be overwhelming. But most users know that it’s risky to use the same password for multiple accounts.
In a study commissioned by LastPass, a digital password management service similar to Dashlane, 91 percent of respondents said that they understood the risk of reusing a password, yet 61 percent still do.
Don’t use autofill in your web browser. It’s not a secure method to keep your passwords. Instead, consider using an online password manager. They allow you to create unique passwords for every account, with variables for length, letters, numbers and keyboard characters. They have accompanying apps and browser plugins so that you can access your passwords on all your devices and can auto-populate your logins. You simply need to create and remember one master password to access the virtual vault.
Nuvision doesn’t endorse any particular password manager. Each offers a slightly different security features, but all promise strong encryption. You can do an online search for “best password managers,” but those that are listed frequently include:
- 1Password
- Dashlane
- KeePass
- LastPass
- RoboForm
- SpashID Safe
- Sticky Password
All offer a free basic account while all except KeePass have modest monthly premium accounts (ranging from $4 to $11.99) that offer additional features. All also run on Windows, Mac, iOS and Android.
5. When possible, use two-factor authentication.
Two-factor authentication (also known as 2FA, multi-factor authentication or 2-step verification) is a type of online security feature that requires another login verification in addition to a username and password.
For example, after you sign in, a typical 2FA might require you to type in a mobile phone number that matches the number provided when you created the account. You will then receive a text message with a unique security code that you need to enter. You’ll need to do this every time you log in. This type of 2FA provides extra security because only the person in possession of the phone will receive the code.
Google reported that less than 10% of Gmail users enable two-factor authentication. According to Google, that means, “the remaining 90% [are] more vulnerable to cyber-attacks.”
Don’t leave yourself vulnerable. Follow the five steps listed above and you can greatly reduce the chance that you’ll become the victim of a hacker or cyberthief.