We use passwords to secure a variety of personal and professional accounts. These accounts can contain important data such as your banking information, medical portals, or company emails.
Protecting your personal and business online data should be a priority for anyone that has ever entered information into a web form. Without taking proper steps to secure your online data like login details, you could make yourself vulnerable to anything from phishing attacks to full account takeover (or even worse).
1. Choose Strong Password
Choose strong passwords that are memorable enough for you to easily recall, but complex enough to avoid anyone being able to randomly guess. The longer and more complex the password, the better.
So if you are using any of such passwords, change them now!
What can you do? Try to make your password as long and complex as possible, with a combination of symbols and alphanumeric characters. You can change a weak and simple password, such as password2020 to a strong and complex version, such as P@$$word_2020.
You can also use a nonsensical phrase that is not found in literature or the dictionary to strengthen your passwords. Take a phrase like, “The Lord is my shepherd” which can be used as “Th3_Lord_!$_ma!_$hep@d” to create a strong password alternative that is not easily guessed.
2. Frequently change your password
Sometimes we wait until a notification about unauthorized password attempts to trigger resetting account passwords. We don’t have to wait. Frequently change your passwords, especially for accounts with very sensitive information, and don't reuse them for several months on a different account or for any site that stores sensitive information about you. There has been a lot of debate regarding how frequent is frequent enough and many security guidelines suggest changing your password every 30-180 days for sensitive accounts or sites. Two recommended times to change your password is in the event any site you are associated with is hacked and when you return from a trip where you could have exposed your password on a public computer or network.
3. Use unique passwords for each account
Don't reuse passwords, keep them as unique as possible!
So many accounts? As much as we want to streamline our account login details so that we can remember them, using the same passwords for multiple accounts leaves our personal information vulnerable.
Imagine a user with the same password for several accounts. In that scenario, if one account was involved in a data breach or hack it would make all their accounts vulnerable to compromise as well. By ensuring that each of your accounts has a unique password - and I don't mean just changing a single number or character, minimizes the possible damage that could be done in the event that your credentials are exposed in some way.
4. Consider Turning on Multi-Factor Authentication
Consider adding a second layer of protection to your account by setting up multiple-factor authentication (MFA) where possible. A form of multi-factor authentication (MFA), the two-factor authentication (2FA), relies on an additional factor to further verify the identity of the user prior to granting access to data. Though the two-factor authentication (2FA) doesn't technically make your password stronger, it does help secure your accounts when paired with one. For instance, if a cybercriminal does somehow get your login credentials and password, they would still need an additional code to gain full access. These codes can be delivered to you in various ways including by call, text, or an authentication app depending on what the service you're logging into offers. Not every site or service offers MFA for account security so make sure to check.
5. Keep your passwords private
I get it - it's difficult to remember each password for every account. But avoid sharing password information or writing it on a sticky note that can easily be lost, thrown away, or seen by others. Avoid displaying your password, taking a screenshot that can be easily seen, or accidentally sent to someone else. If you are keeping a Password Hint document, be sure to avoid an obvious naming convention. This also applies to any books used exclusively for keeping track of your credentials. Because after all, any security enhancements you implement are just as easily voided if you're leaving the secrets to your credentials out in plain sight for anyone to use.
Closing thoughts
Cybercriminals are constantly creating new ways to decode account passwords. Maintaining good IT hygiene with an emphasis on strong and complex passwords is key in combating these attacks. In addition to strong password practices, use multi-factor authentication with credentials when available.
The bottom line is don’t wait until one of your accounts has been hacked before you make the necessary move, start organizing your passwords today and you will be thankful in the long run. Taking simple steps can make the difference between securing your personal information and becoming another victim of a cyber attack.
Consider adding a second layer of protection to your account by setting up multiple-factor authentication (MFA) where possible. A form of multi-factor authentication (MFA), the two-factor authentication (2FA), relies on an additional factor to further verify the identity of the user prior to granting access to data. Though the two-factor authentication (2FA) doesn't technically make your password stronger, it does help secure your accounts when paired with one. For instance, if a cybercriminal does somehow get your login credentials and password, they would still need an additional code to gain full access. These codes can be delivered to you in various ways including by call, text, or an authentication app depending on what the service you're logging into offers. Not every site or service offers MFA for account security so make sure to check.
👆👆👆👆👆👆👆 I don't understand this article 😌 what of the mining.?