Did you know that May 7 is the World Password Day? We have prepared a short practical guide on how to create and manage passwords.
A strong password today is one of the most important and easiest ways to protect sensitive data online. Unfortunately, many people still underestimate the strength of passwords, making hackers’ jobs easy.
World Password Day was Intel’s idea, which was supported by other large companies in the industry, in particular Microsoft, Apple, Google, Samsung and others. This initiative is designed to help people realize the importance of one of the most frequently repeated actions – setting a password that meets Internet security criteria. Two-factor authentication is not always possible, so a strong password is often the only guarantee of data security. Unfortunately, despite repeated warnings from cybersecurity experts, many people still underestimate the threat until, of course, something bad happens.
To prevent this bad thing from happening, we will try to give some simple tips that will help you secure your stay on the Internet, as well as complicate the life of cybercriminals.
Create different passwords on each site
If there was a list of violations in terms of network security, then having the same set of username + password on each website would certainly be in the top 3. Why? Well, in the event of a leak from any of these sites, the first thing the hackers do is check if this set matches other websites or financial services such as PayPal.
Moreover, for this reason, some companies (for example, Microsoft) do not recommend changing the password after setting it. Why? Since with a large number of accounts in which we need to change the password, there is a risk that you will use a certain template (for example, adding a different number to the password). In this case, potential thieves will be able to decrypt it very simply. A strong unique password will protect you all the time.
The question is: what is a strong password? There are many manuals about this. Most of them emphasize the same thing – the use of uppercase and lowercase letters, numbers, special characters, as well as the creation of a password of appropriate length. But how do we know that the phrase we created is complicated? We can verify it before setting a password, thanks to sites such as howsecureismypassword.net. And if you have a Chrome browser, Password Checkup extension can do it for you, determining the strength of the selected password. According to cybersecurity researchers, 9 out of 10 users worldwide have a password that can be cracked in less than 6 hours. If you beat this result, you can be proud.
On the other hand, if you don’t feel confident enough to come up with a difficult option for passwords, then use our next tip.
Generate passwords, not create them yourself
Programs that allow you to create a strong and secure password, such as LastPass, are currently free, and it takes literally an instant to use them. Special utilities allow you to generate any number of passwords and configure them, for example, depending on whether it is easy to pronounce or save them – and make them easier to remember.
However, you won’t have to remember passwords if you follow the tips in the next section. And we strongly recommend that you use passwords that cannot be remembered.
Use password manager
Users and experts sometimes have different opinions about password managers. Someone urges to try to use them less, since they are also vulnerable to hacker attacks, and well-known sources have written about it more than once. Others, on the contrary, say that their use is safe and makes it easier to save passwords if you have a lot of accounts on different sites. Despite such differences of opinion, we still recommend using them.
Thanks to such a manager, we do not need to remember dozens, if not hundreds of combinations of letters and numbers, but only one very strong password for the manager.
Auto-completing password is also worth mentioning here. In the case of the desktop computers we use at home, this is a relatively safe method. However, if you are using a laptop or phone, remember that these devices are easy to steal. If you have autofill enabled, you will also give the thief access to all your accounts.
People who value convenience are especially pleased that today you don’t even need a separate password management program, because this functionality is increasingly common in web browsers. Mozilla recently introduced it as a Firefox Lockwise feature, and Chrome also recently introduced a new kind of password manager. So there is no excuse not to use such a manager.
It’s no secret that sometimes users themselves violate security rules. Moreover, they often consciously take risks. But sometimes we do not understand that some actions are unsafe. Cybersecurity experts often warn you to be careful when using social networks and chats. For example, on Facebook Messenger, users often send scans of IDs, confidential documents from work, as well as logins and passwords for company accounts, online banking or other portals.
It is for this reason that social networks are such a common target for hacker attacks. Don’t save passwords either in electronic form (for example, in the cloud file) or in physical (some people love attaching Post-it Notes with passwords to the monitor). And generally it is not necessary to send passwords through instant messengers explicitly or in files, even if you trust the other person. If it happens that you need to send a password to someone, then do not forget to change it immediately afterwards. You may trust the person to whom the credentials were sent, but this information can easily fall into the wrong hands.
Check for password leaks from time to time, change passwords periodically
Password theft, leaks from social networking servers and sites. This happens regularly. Think about the recent scandal with Facebook, when the accounts and passwords of hundreds of thousands of users leaked to the Web. It doesn’t matter if it’s a database of the state registry or your favorite university, none of them are 100 percent resistant to attacks or human errors. Therefore, from time to time it is worthwhile to monitor whether the username and password for your account have been leaked.
To do this, use tools that compare your login with known cases of leaks. Such tools are available on Haveibeenpwned.com. Sometimes news and password leak data is also easy to find in Google Chrome or another browser.
Of course, the list above is just the basics of how you can take care of your online security. And now I would like to ask you how do you ensure your security on the Internet and how secure your password is. What would you add to the above list? Share your opinions in the comments!
Subscribe to our accounts: