Use these 7 tips to modify your passwords and create top-notch online security for your data.
Your passwords are your first line of defense against online scammers. But few people really think that a strong password is really important. You should not use any references to movies or music when choosing a password. Also, do not come up with the same passwords for several accounts. Yes, there are many nuances.
Admit it: Your passwords aren’t too strong. The recommendations below are a matter of first necessity. Take them as seriously as brushing your teeth in the morning or eating vegetables.
1 Use a password manager.
A good password manager like 1Password or LastPass creates strong and unique passwords for all your accounts. This means that if one of your passwords does fall into the hands of criminals, they won’t have the "key" to the rest of your accounts. The best password managers can be synced between your computer and smartphone and have an autofill feature. Now, instead of having to remember dozens of carefully crafted passwords, you just need to pick up one master key for them. How to make it as reliable as possible? Read on.
2 Create a long password.
While unique characters and uppercase letters are important, length also matters more. Once you come up with a password in the 12-15 character range, it becomes much more difficult for a hacker to use a brute-force attack to guess it. However, be careful not to use movie or pop culture references or certain pre-made templates.
3 Diversify your passwords.
If you do decide to use special characters, be wise – do not try to add them only at the beginning, middle or end of the password. Place special characters throughout the password, which will further confuse the hacker.
4 Don’t change anything.
Does your corporate IT manager make you change your password every three months? You know, he is fundamentally wrong. The less often you change your password, the less likely you are to forget it or create a new one using an existing template. For example, if you change the number at the end of the password each time, this makes it much easier for attackers to crack.
5 One site – one password.
If you are already using a password manager, this recommendation is not for you. But if you’re not yet ready to trust such a program, at least make sure you don’t use the same passwords for different accounts. If you do this, then stealing your password from the VK social network can cost you several thousand rubles from your bank card. The scammer simply uses this password to gain access to your money account. Have I Been Pwned has 5 billion compromised passwords. If at least one matches yours, consider that you have already been hacked.
6 Don’t trust your browser.
Of course, it’s very convenient when you can use your browser instead of using a paid account in a password manager, because it itself is able to save confidential data for your accounts. You are already aware of this and probably even use this feature for at least one site. You shouldn’t do this anymore. These passwords are very rarely well protected from attackers, so if you’re sorry for the money, use a free password manager like Dashlane instead of trusting your data to Chrome.
7 Two-factor authentication.
One password is not enough these days. Many services that you use now (social networks, banks, Google) have an additional layer of protection. It comes in the form of a code sent to your phone via SMS, or as a program like Google Authenticator, or as special hardware like the YubiKey. SMS is enough for most people, just remember that one strong password is often not enough.