Passwords – how safe are yours?
We all use passwords for any number of things. Logging into email, Facebook, Pinterest, etc. Most websites or programs that need passwords use what are called password requirements to insure that the passwords you choose are sufficiently complex. This complexity can take the form or requiring that you use a combination some or all of these:
- Upper and lower case letters
- Numbers
- Special characters – for example @,#,$,&, etc.
Password requirement may also insist that you don’t use known words or that, if you are changing a password, you don’t reuse the same password in the space of a year, or ever. It may also be a requirement that you don’t use passwords that use repeated or sequential characters (123123123 or 1234567).
Poor passwords account for a large percentage of the total number of security breaches but choosing a strong password can be a tricky, and sometimes even stressful, task. Here are some hints to help you chose a strong, secure password.
Don’ts
- Don’t keep your password in an unencrypted file on your computer. Many people will use a Word document or a spreadsheet to keep track of their passwords. But what if your computer is stolen? Or hacked? The thieves would have the keys to everything you have – banks, email, SIN numbers, etc. If you feel the need to write down passwords, keep them in a book and keep the book in a safe or another part of the house. Or encrypt the file you store them in with a password only you know.
- Don’t use words or phrases or passwords that contain personal information, such as your birthdate or address.
- Don’t use the same password for multiple things. For instance, don’t use the same password for your email, Facebook and a blog you follow that you use for your financial institution.
Dos
- Do use a password generator. Password generators can be configured to meet the password requirements you need for the given website or program. A free one that is provided by a trusted security company is https://identitysafe.norton.com/password-generator/ . This will ensure that your password is as strong as it can be without you having to come up with it on your own.
- If you don’t want to use a password generator, be sure that you make your password as random as possible
- Make note of your password. Memorize it or put it in a book that can be stored securely. A strong password isn’t much use if you don’t remember it. This is the reason so many people use weak passwords – they want something they can remember.
- Do use a password manager. Password managers stored your password/username combinations in an encrypted file. You only need to remember the master password for the manager. That’s just 1 password! There are a lot of free ones available – many paid anti-virus programs include them.
- Do change your passwords regularly. As much as we hate to do it, should a website you frequent be compromised and your credentials stolen, that information will only be useful to the bad guys for as long as the information doesn’t change. When you change your password, you usefulness to them disappears.
- This should go without saying but we’ll say it anyway – DO keep your passwords to yourself! Don’t share your passwords with anyone. Even if you trust the person, once your password is out of your control you should consider it compromised and change it.
