Is your password still your birthday? Do you get that guilty feeling every time you use it, swearing you’ll be more creative next time you log in? For good or bad, you’re not alone. 91% of people in a recent survey said they knew they shouldn’t reuse passwords, but 59% continue to do so. Unfortunately, we live in a time when data breaches are part of the norm. In fact, in the time it takes to finish this sentence, there will be approximately 280 data records stolen. Not only are you putting yourself at risk, but your company and coworkers as well. It’s time to stamp out those nasty password mistakes and start on the right foot.
The most common password mistakes
- Thinking a weak password is ok for some accounts. You may be thinking that hackers are more interested in your PayPal account than your FitnessPal. And you’re right — for the most part. Hackers will often start with a login on a less important account as a way to climb the ladder to your more valuable accounts. Users should be aware that every login is important for a hacker, whether it’s your banking password or online shopping account.
- Reusing passwords, especially from home to office. Turns out slight adjustments to your tried-and-true password are not enough of a change to thwart hackers. It becomes even more problematic when you use the same passwords across personal and business accounts. Once this gap is breached, confidential information for your business, coworkers and even clients may be exposed. For example, an employee of Dropbox reused a personal password, ultimately leading to the credentials of over 60 million accounts being seized.
- Sticking to the default password. Always remember to change any new logins created by your tech department. ‘Admin’, ‘password’, or ‘12345’ might be easy to remember, but they’re not worth the risk. Plus, they’re often the first words hackers try.
- Not using two-factor authentication when available. You have likely used this process recently. It requires a second verification to log into an account, typically an additional PIN sent to your phone or a fingerprint scan. This added step in security ensures that no one other than you will be able to access your account. If given the option, always activate the two-factor verification process.
Tricks to creating a secure password that you’ll actually remember
If you’re anything like the majority of people, you should probably update your passwords. The hurdle for most people is the fear of forgetting their new password. In fact, the same study found that only 55% of victims change their password after they discovered they were hacked. The truth is, secure password habits are actually pretty easy to learn and use. The trick to a hard-to-crack password is one that is unique, easy for you to remember, but also hard to guess. Just follow our tricks below and your accounts will be like Fort Knox in no time.
- Make passwords lengthy and complex. A secure password should contain at least 12 characters, with uppercase and lowercase letters, as well as numbers and symbols.
- Avoid using painfully obvious passwords, or commonly used words in passwords. For example, ‘12345’, ‘asdfghjkl;’, or ‘password’.
- Don’t use information that a friend or family member would be able to guess. Hackers would likely be able to decipher it as well. Avoid using information like your or your family members’ birthdays, your favorite band, your home address, maiden name etc. If it’s something a Facebook search could reveal, avoid using it in your password. You can still make it personal and memorable to you without using these general and searchable facts.
- Try using a passphrase instead of a password. A passphrase is a string of letters or words put together, making it unique and harder to crack. You can still personalize it to make it memorable. For example, use your favorite breakfast, ‘startthedaywith_Eggs&bacon.’
- Use a phrase or acronym to keep it memorable but also obscure. For example, ‘2BorNot2B_ThatisThe?’ (To be or not to be, that is the question) or ‘4Score&7YrsAgo’ (Four score and seven years ago).
- You can also be systematic about your process. Use passwords with common elements, but customize for the account. For example, ‘ABT2_uz_AMZ!’ (about to use Amazon) and ‘ABT2_uz_BoA!’ (about to use Bank of America).
- Use the keyboard as your reminder. Create a password by creating a shape on the keyboard. For example, by creating a big W starting at 1, my new password is ‘1qsxfthmko0’. That’s pretty tricky for an outsider to decipher, while still being relatively easy to recreate. Try different patterns, like smiley faces, hearts, or a letter you will remember. Just be sure to avoid completely straight lines across the keyboard.
- Get in the habit of changing passwords regularly. Start with National Change Your Password Day on February 1.
- If you’re still wary of forgetting passwords, use a password manager to generate and store your passwords. Here are some of the top-rated managers on the market.
- Hopefully this is a no-brainer, but should be repeated for any road warriors out there – always use a secure wifi connection when creating a new password or logging into an account. Wait until you’re home or in the office to make any changes. Hotel wifi is often not secure enough for sensitive information.
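An added example, not part of the original article: a short Python checker for the rules in the list above (12-character minimum, four character classes, the weak passwords the article names, and straight lines across the keyboard). The function names, the US QWERTY layout and the four-key threshold for a "straight line" are assumptions of this example.

```python
# Weak examples the article itself names, lowercased.
COMMON = {"admin", "password", "12345", "asdfghjkl;"}
# US QWERTY rows (assumption of this example), used to spot straight-line runs.
ROWS = ["1234567890", "qwertyuiop", "asdfghjkl;", "zxcvbnm,./"]
MIN_LENGTH = 12
MAX_ROW_RUN = 4  # assumption: 4+ adjacent keys in one row is a straight line


def longest_row_run(password):
    """Longest run of horizontally adjacent keys typed in one direction."""
    pos = {ch: (r, c) for r, row in enumerate(ROWS) for c, ch in enumerate(row)}
    best = run = step = 0
    prev = None
    for ch in password.lower():
        cur = pos.get(ch)
        if cur and prev and cur[0] == prev[0] and abs(cur[1] - prev[1]) == 1:
            d = cur[1] - prev[1]
            run = run + 1 if d == step else 2  # direction change restarts the run
            step = d
        else:
            run = 1 if cur else 0
            step = 0
        best = max(best, run)
        prev = cur
    return best


def check_password(password):
    """Return the list of rules the password breaks (empty list = passes)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 12 characters")
    classes = {
        "uppercase letter": str.isupper,
        "lowercase letter": str.islower,
        "number": str.isdigit,
        "symbol": lambda ch: not ch.isalnum(),
    }
    for name, test in classes.items():
        if not any(test(ch) for ch in password):
            problems.append(f"no {name}")
    if password.lower() in COMMON:
        problems.append("on the common-password list")
    if longest_row_run(password) >= MAX_ROW_RUN:
        problems.append("straight line across the keyboard")
    return problems
```

Run against the article's own examples, ‘2BorNot2B_ThatisThe?’ breaks none of these rules, while ‘1qsxfthmko0’ is one character short of 12 and has no uppercase letter or symbol.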
Passwords are truly the first line of defense against identity theft. Whether it’s a food delivery app or banking account, it needs to hold a strong defense against impending attacks. These simple tricks may be taxing to start with, but will keep your information, and potentially your company’s, safe.