are like keys,…
they open things; BUT can be lost, copied and stolen.
Here are a few ways to keep what is behind locked doors safe and secure:
- Long and Strong
Passwords should be “long”, minimum 12, ideally 20+ or the longest they will allow. Complex makes it “strong” with lower and capital letters, a few numbers and special characters like #$%^&. Best passwords are passphrases. A long sentence like password, something like: “PasswordAreBestIfLongAndStrong555&”. Throw in a few Capitals, a few numbers and some type of symbol.
- Not Easily Guessed
Avoid personal information like birthdays, anniversaries, addresses, nicknames, favorite sports, kids, pets. Nothing that could be guessed by snooping on your social media sites. This is where poor spelling is a plus. Nothing like the first row of letters QWERTY, 12345, 1qazxsw2 or the most used password “password”.
- Change Regularly
Some websites suggest changing annually, some only when there is a breach. Stay informed of sites that have been hacked.
- Safe and Secure
Do not keep your passwords on sticky notes, under your keyboard, in a file on your computer or even saved in your browser. These are the first place thieves will look. Instead, use an encrypted password vault; many are free and easy to use. Our favorites are Bitwarden and LastPass, they both have free versions.
Every lock has its own key, every website and device needs its own password. You have a different key for your car, house, a shed and the safety deposit box. Websites and devices need different passwords as well. A thief that gets one password from a breach for one site, then has access to all your accounts. Also, do not slightly modify passwords such as Facebook – FB12345, Gmail – GM12345, Amazon – Am12345… establishing a pattern only makes you just as vulnerable.
- Extra Layer
Imagine driving in your car and being stopped by police, you might be asked to produce your license and registration. At a bank you may need your license and social security number. A business may have a key to the lock and then a code for the alarm system. The digital world has two proofs of identity too. One is your password and the other is usually a code sent to your phone or email. The is called 2FA or 2 Factor Authentication. Yes, this extra step is annoying, but so is being hacked.
When you are done on a sensitive site like banking, shopping or your main email, logout. Close your browser when done for the day or about to travel with your laptop. Set your browser to clear all cookies when the browser is closed. This way, when you come back, you will need to enter your credentials again.