Change Your Passwords
It seems like everyday there is a news headline about a major Internet security breach with passwords hacked, phished or stolen. It cannot be stressed enough that we all need to exercise better password safety precautions.
Mat Honan, a senior writer for Wired Magazine’s Gadget Lab, had the unfortunate experience of having his entire digital life destroyed in just one hour. His terrifying experience proves that a strong password is not enough anymore, but you must at the very least start with one.
Use Different Passwords Everywhere
It can be difficult to develop a perfect password that has all the right elements and yet you can still remember it, but do not be tempted to use it more than once. A study by BitDefender showed that 75 percent of people use the same password for their email and Facebook accounts. Now imagine what percentage of those might also use it for their online Banking or Amazon shopping password you can see why the risk is not worth taking.
Avoid Common Passwords
It should go without saying that you should never, ever, ever use “123456” or “password” as your password. Not only that, you should avoid at all costs using the name of your relatives, your kids, your pet, favorite team, or pretty much any word found in the dictionary.
Adding a number at the end of your password does not make it safer either. Hacker programs check for those variations too. SplashData’s “Worst Passwords of 2012” showed that bad password habits are simply not changing fast enough.
Complexity vs. Length
A strong password is one that cannot be easily guessed or broken. It should contain numbers, punctuation, and upper/lower-case letters. A complex password can be made even stronger with sufficient length. A 15-character password can potentially be 90 times harder to crack than a 14-character one.
Unfortunately users typically create password complexity in the same format. For example, when people are required to create an 8-character password with complexity, most will choose a standard dictionary word beginning with an uppercase letter followed by a lowercase letter. If they use a number, it will usually be a “1” or a “2” and placed at the end. If they use a symbol, it will typically be placed somewhere in the middle, often replacing a letter with a similar shape such as an @ or to replace an “o,” an exclamation mark for an “i.”
Two-Factor or Two-Step Authentication is a new added measure of security is being provided by many major sites such as Google and Facebook. Lifehacker has a handy post of all the places you can go to enable it for your online accounts.
For example, you can set Google to send a temporary PIN to your cell phone whenever you log in from an unfamiliar machine (this PIN must be provided along with your password the first time you attempt to log in via that new machine). This means a hacker would not only need to have your password, but your phone as well in order to gain entrance to your account.