Some days it seems like everything in our lives requires a password: banks, apps, debit and credit cards, online banking, business applications, healthcare accounts . . . the list is literally endless. Technology professionals recommend that you use a different and highly secure password for each site — but how is it even possible for humans to associate that many unique and unusual passwords with the correct website or application? You continually hear cautions from security professionals that simple passwords or those that are reused make it all too easy for hackers to break into your accounts and steal your sensitive personal, health or financial information. Even your social media accounts and business websites are being used to glean information about your life that can potentially be used as details to build a complete biography in hopes of breaking into your confidential data. With all these challenges, these four strategies will help you create the super strong passwords that you need to stay protected online.
1. Avoid Simple Concepts and Terms
Few people enjoy creating unique and individualized passwords for each application or website, but it’s crucial that you avoid these Top 100 terrible passwords, as compiled by SplashData. The list includes everything from the expected “123456”, “password”, “sunshine”, “princess”, “football” and “monkey”. From the list, it looks like men and women are equal opportunity offenders when it comes to poor password selection, and SplashData estimates that approximately 10% of people have selected at least one of the Top 100 worst passwords in the prior year. Think of it like this: if the password seems simple for you to remember, it’s probably going to be simple to hack as well. This includes the standard dictionary of user names, birthplaces or birthdays, favorite colors or foods, pets and the names of relatives.
2. Long, Random Words Are Tough to Guess
The days of a hacker sitting in a basement in the dark trying to guess a complex password are long over. Today’s attempts to breach your account are through sophisticated computer programs that can try millions of word and number combinations very quickly. Previously, the government’s cryptography expert recommended that you create a phrase that you can easily remember and simply replace some of the letters with numbers or other letters to make it more difficult to read (and remember!). Bill Burr’s 2003 password creation recommendations are no longer considered valid, and he has since rescinded those recommendations in favor of creating a long string of random words. Well-known Bible verses, famous movie lines and other phrases that are common to the American vernacular are not ideal — nor is the phrase on your favorite coffee mug.
3. Don’t Reuse Passwords
We get it. It’s tough to remember a bunch of different long, complex and rambling phrases. Wouldn’t it be a lot easier to simply create a single phrase that you could use everywhere? It would be easier for you — and also for anyone attempting to gain access to several of your accounts at once. Reusing passwords is a major no-no, but one error that many people commit. If you ever need to share a password with a service provider, you need to be sure to change it so you don’t have that information floating around anywhere. Would you rather have hackers gain access to a single system, or have to cancel every credit card and account that you own due to having a shared password?
4. Use a Password Manager or Random Password Generator
Keeping track of your highly complex and secure passwords is something that can be difficult for humans, making password lockboxes a necessity. Instead of getting a small notebook that you lock up in your purse or pocket, consider using a password manager. These secure online solutions allow you to create a single, memorable password to a platform that automatically creates passwords for each new application or system that you need to access. When your computer is creating and memorizing these passwords for you, you’re much less likely to make simple mistakes when creating your password. The best programs also provide feedback on how secure your password is and when you should make a change. Avast, a leader in online security, offers a free random password generator that you may want to check out, too.
Creating and remembering secure passwords could either be a full-time job, and you could still end up with vulnerabilities due to the common nature of the words that you choose to make up your passwords. When you follow these four password strategies, you are more likely to protect your important business and personal accounts from both humans and computers.
Brian Gray, MCP, is the President at Kraft Technology Group, LLC (KTG), an affiliate of KraftCPAs PLLC. Within his role, Brian is responsible for all aspects of service delivery to our clients. Brian has a decade of experience working for managed service providers. He has worked with clients in a variety of industries, including financial services, accounting, legal, healthcare, manufacturing, and retail.