It’s common knowledge that passwords should be secure, but do you know how strong your password really is? The vast majority of us use the same password across all platforms or too close a variation of the same password for everything we access. Also, most of us rarely change our passwords. In a 2017 survey, Keeper Security found over 80 percent of us reuse the same password, and nearly a third of us (29 percent) share a password with two or more people. Nearly every month there’s a major data breach that exposes people’s passwords, and without your passwords being strong and unique, you will need to constantly update your password to remain protected.
How To Keep A Password Safe
Even firms in the business of keeping information safe and secure are on the list of the most prominent data breaches ever. Equifax, the major credit data firm, had millions of customer passwords and emails stolen. RSA Security had a theft that compromised its SecureID two-factor authentication tokens. They are considered the gold standard of security.
Dozens of major company online account records have been hacked. That means the likelihood your email and password from one of those accounts have been sold is very high. How do you keep your password safe?
Here are some best practice recommendations when it comes to keeping your passwords safe.
Passwords on the Dark Web
A scary reality is that you may not even know your password has been breached. A great way to protect yourself is to annually scope out if your information has been sold on the dark web.
Fortunately, there is an extremely secure website that will inform you if your email or password is available for hackers online – and the source that exposed it. The site is called “have i been pwned?” and you can use it to check on your email and password, here: https://haveibeenpwned.com.
The thought of your information being sold and available online is intimidating, but you might not even have to go to the Dark Web to learn if your password and email address has been compromised. A Google Search just might reveal a list of passwords and emails hackers use with “brute force” software to break into accounts. That is another way to scope out the security of your password, but the fact of the matter is, if you’re online, you can bet that your information has or can be sold on the dark web. The best way to protect yourself is through frequent changes to your password and keeping your password unique across all platforms, so that in the event your password is sold, it can easily be remedied instead of a disaster.
Is Your Password Strong Enough?
Although there are many vulnerabilities online, there are also many ways to protect your passwords. There are several online tools that you can use to test the strength of your password. The stronger your password, the safer your password is from hackers. Check out How Secure Is My Password or Password Meter.
Our Rush Tech Support analysts suggest that you can use a variation of a password safely for different accounts, as long as you keep in mind a few best practices:
– Use 12-14 characters
– Include caps, numbers and special characters (if allowed)
– These first two requirements are part of the algorithm password testers tend to use
– Make it unique, but very easy to remember for you
– Remember, one of the most common ways that hackers can break into accounts is by guessing common passwords. The more difficult your passwords are, the higher the likelihood that a hacker will simply look for easier targets.
An easy way to create a difficult hacker-proof password is by using a passphrase. Instead of a single word and characters, it is a sequence of words or other text that acts as a password. They can be much harder for hackers to crack, and easier for you to remember, such as “My p@ssW0rd i$?”
Do NOT Store Passwords in Your Browser
Most of us store passwords in our Internet browser because it saves time, and, when we have so many different passwords, it’s frankly hard to keep up. The bigger benefit: we don’t have to remember which unique strong password we had to use. When we use the saved passwords on our browsers and see our passwords populate, they appear hidden in asterisks. So, it is common for users to assume that asterisks = secure.
That is not entirely the case. There are two facts that we as users need to realize. First of all, most browsers will allow you to see every single password stored. In a Chrome browser, for example, if you have your computer’s single admin password, it will reveal your password for every one of your stored accounts. Second, there are software programs that will export all of your passwords from almost any browser.
Although the password appears secure to you, the passwords are stored on a very easy-to-access portal that is a hacker’s paradise. In life, if it’s too good to be true, it probably is, and when it comes to saving passwords on a browser, it is way too good to be true. Protect your passwords and try to avoid the auto-save on browsers.
If that makes your life too inconvenient, there is another option for you that marries security and ease.
Using a Password Program
The best practice may not always be the cheapest one, but it is, the experts say, the safest one. Use a password software program such as Dashlane, LastPass or Keeper. These strong password generators are a life and time saver for people looking to be protected online.
For a small annual fee of $30 a year, these programs do the heavy lifting of password security management for you. That’s a tiny price to pay if you think what it could cost you if a hacker got into your bank or PayPal account. These programs help you use a different, incredibly strong password for every site and account you have. You only have one password to remember, and that’s to enable the password manager.
There are some free options, with more limited features, as well those that PC Magazine lists here.
Write The Passwords Down on Paper
Write all of your passwords down on a piece of paper with a pen. Put this sheet of paper in a safe or safety deposit box, and keep it available for you to update on an as-needed basis. This is vital, because if something were ever to happen to you, your significant other, or other heirs will need access to your accounts. They will also need access to your smartphone, your computer and any other device that requires a password. Consider this a gift to those grieving your loss, as one less thing to worry about. Morbid, yes, but it truly will protect you as well as benefit those you love without putting you at risk for hacking.
Take these five simple steps, and you will have done what you can do to keep your passwords safe. Do you have any other questions about password security? Call us at Rush Tech Support today to speak with one of our professional analysts that can set you up for secure passwords and a stress-free experience online. Call us today at