Good passwords are an inconvenience and we hate having to have a different password for each of our accounts. There, that’s out of the way. It’s the price we pay for living in an online world. So if you love peace of mind, here are some good tips for staying ahead of the hackers.
Creating effective passwords
These aren’t your daddy’s passwords. Even long phrases from obscure books and Wikipedia articles are not safe to use. Here are the minimum rules-of-the-road for creating passwords:
- Never use words you would find in a dictionary or phrases found in books or on the web.
- Never use numbers from important dates (birthdays etc.) or addresses, phone numbers etc.
- Use long passwords, 8 characters minimum.
- Mix lower case and capital letters, then throw in at least one symbol, like an asterisk or pound sign.
I recommend using a password generator. Password generators are bundled into most of the password manager apps. Generators are also freely available online at sites like:
- passwordsgenerator.net
- strongpasswordgenerator.com
- identitysafe.norton.com/password-generator
- random.org/passwords
Password generators can help you avoid making the mistake of thinking your password is secure, when really it isn’t. Generators will ask you for the length of password you desire, and what extra characters you want to include and spit out gibberish. Gibberish is good. Gibberish is hard to hack.
If you are going to create your own password, consider using a passphrase, at least for the all-important password you need for a password manager. That one you need to remember. You can make up a passphrase from a favorite memory, movie saying, or even poetry. Don’t use the words, just letters from the words in your phrase, then mix it up with upper case letters and symbols. Google uses, as an example, the phrase “My friends Tom and Jasmine send me a funny email once a day” to create the password “MfT&Jsmafe1ad.” Try guessing that one.
And never, ever, reuse passwords. Unique passwords can help limit loss to one account in the case of a hack.
Email is more important than you think
Your email password might just be the most critical of all of your passwords. The reason is simple: Password reset requests are sent to email addresses for verification. If I can hack your email account, I don’t need your bank account if I can simply click the Forgot Password? button on the bank’s website and reset it. Ditto for all the other accounts you have. It’s a good idea to have a separate email account, one that doesn’t use your name in the address, for financial websites. Don’t use it for anything else. That way, hackers grabbing email addresses from the web, including social media sites, won’t have the email your bank will use for a reset request. Just another level of security.
Password management tools
Creating and managing strong passwords will never be your favorite leisure-time activity, but there are tools that can help. Password “wallets” or “managers” are programs that securely encrypt and store your passwords. You only have to remember one password, the one that opens the wallet, to get to all of your other stored passwords. Think of it as a locked file cabinet. You only have to be able to get into the cabinet to access the contents.
Most password managers are capable of syncing across a wide range of devices, meaning that you can access your passwords with a single app on your PC, Android, and IOS device. You can also log in via a browser and the Internet. Some password managers also offer browser extensions. On a trusted computer, perhaps the one in your home, the extension can be configured to automatically log you into sites and fill out forms for you. Handy and fast!
Here are some of the top choices in password managers:
- LastPass
- Password Genie
- SplashID
- Roboform
- Dashlane
- mSecure
- KeePass
- Norton Identity Safe
There are others as well. Some are free, or have a free basic version and a paid premium version. They can help keep you sane when you are trying to stay safe.
Data breaches
There are lots of ways to steal data. When you hear that there has been a data breach that might affect you, like the recent Target data theft if you are a Target shopper, change your password immediately and monitor your account for anything suspicious. This is the perfect example of why you should have different passwords for different accounts. And probably a good reason to shop with a credit card too, since credit cards protect the user more than debit cards.
Worth the pain
Passwords are a pain to manage, but that’s nothing compared to the pain of having your identity stolen or having your bank account emptied. There is no such thing as perfect security, especially when there is so much out of your control, but you can do a lot to minimize the risk and damage.
