We’ve all read news stories about hackers cracking the security systems of email providers, credit card processors, and government agencies. The residual effects of these crimes are felt by hundreds of thousands of innocent victims whose only “mistake” was being in a merchant’s or provider’s database.
For an individual or a small business, the fallout from a stolen password can range from merely annoying (having to reset and remember a new password) to potentially disastrous (malware, identity theft). That’s why it’s important to practice safe password creation and management.
Create Effective Passwords
Here are some tips for creating strong passwords and using them safely, so you can continue to keep your information safe and private.
- The longer the password, the stronger the password. Between eight and twenty characters is a good range.
- Don’t use easily-guessed passwords, like your address, your birthday, or your kids’ names.
- When you register on a site and are presented with an initial password that you’re requested to change upon first login, change it! Don’t continue to use default passwords.
- Don’t use just letters or numbers – use both upper- and lower-case letters, numbers, punctuation marks, and special characters, and place them randomly in the password. Special characters include: ! @ # $ % ( ) - _ + , = < > : " '
- To make your password easier to remember, use a phrase or song title and swap selected letters with caps, numbers, or special characters. For instance, “Boogie Woogie Bugle Boy” becomes “Bg!e_W0oge_Bg1eb0Y”. Or, if you’d like something a little less complicated, use the first letters of each word in a phrase to create a password. For instance, “The quick brown fox jumped over the lazy dog” becomes “TqBFjotLD”.
- Create different passwords for different accounts. That way, if one account is hacked, your other accounts won’t be compromised along with it. And don’t use your online banking or other financial-related passwords for online shopping or free email accounts!
- Change your passwords on a regular basis – at a minimum, every six months.
- Don’t share your password, and always log off when you’re using a shared computer, or you may inadvertently share your password with the next user.
- Check your password’s strength at the Microsoft Safety & Security Center before you send it out into the world. It’s free, and only takes a moment.
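The tips above can also be applied as a local check. The following is an added example, not part of the original article: the function name, the problem labels, and the sample personal details are all made up for illustration, and only the low end of the eight-to-twenty range is enforced because the tips treat longer as stronger.

```python
import string

# Special characters listed in the tips above, in their plain ASCII forms.
SPECIALS = set("!@#$%()-_+,=<>:\"'")
MIN_LEN = 8  # low end of the 8-20 range; longer is treated as stronger


def check_password(candidate, personal_terms=(), used_elsewhere=(), default=None):
    """Return the tips a candidate violates; an empty list means it passes."""
    problems = []
    if len(candidate) < MIN_LEN:
        problems.append("too short")
    classes = {
        "no upper-case letter": string.ascii_uppercase,
        "no lower-case letter": string.ascii_lowercase,
        "no number": string.digits,
        "no special character": SPECIALS,
    }
    for problem, alphabet in classes.items():
        if not any(ch in alphabet for ch in candidate):
            problems.append(problem)
    # Easily guessed details (address, birthday, names), matched case-insensitively.
    lowered = candidate.lower()
    if any(term and term.lower() in lowered for term in personal_terms):
        problems.append("contains a personal detail")
    if candidate in used_elsewhere:
        problems.append("reused from another account")
    if default is not None and candidate == default:
        problems.append("unchanged default password")
    return problems


if __name__ == "__main__":
    # Constructed sample data: the personal details and the reused password are made up.
    personal = ["Emma", "1985", "Maple Street"]
    others = ["Bg!e_W0oge_Bg1eb0Y"]
    for pw in ["Bg!e_W0oge_Bg1eb0Y", "TqBFjotLD", "Emma1985!", "abc"]:
        print(pw, "->", check_password(pw, personal) or "passes")
    print(check_password("Bg!e_W0oge_Bg1eb0Y", personal, used_elsewhere=others))
```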
Manage Your Passwords
So now that you’ve come up with a group of passwords you’re confident no hacker could crack, how do you keep them all straight and, more importantly, how do you remember them?
Three words: password management software.
Password management programs securely store all your passwords and PINs in an encrypted format and a location that’s easy for you (but not the bad guys) to access. Some managers are stand-alone programs that store your information on a desktop or laptop hard drive, smartphone, or a USB jump drive. Others are cloud-based, with your passwords stored on the provider’s servers. And still others are web browser-based.
There are a number of good password managers on the market, depending on your needs, budget, and level of technological expertise. All of them work to safeguard your login information against hacking, cracking, phishing, and pharming, and relieve you of the need to memorize 20 different passwords along with the incredible amount of other information we’re tasked with remembering on a daily basis.
For more information on password management software, check out PC Magazine’s review of the top password management programs. Another good read is this Lifehacker article on password managers.