Originally published on Family Online Safety Institute.
All of the rules and requirements around creating a password can get exhausting. Sometimes you need a symbol other times just a mix of upper and lowercase letters. Why can’t we just make it whatever we want, something easy like abc123? Ideally, the freedom to create simple passwords would be nice but in a world where we literally do everything online, safety and confidentiality hinge on a secure password.
What makes a strong password
A strong password is one that is unique to you. One that wouldn’t be easy for anyone else to guess. More importantly it isn’t easy for hackers to crack. This requires a combination of lowercase and uppercase characters, symbols and numbers. It is suggested that your password be at least eight characters long, contain a combination of letters, numbers and symbols; a mixture of upper and lowercase letters and be associated with your name or username. If you really want to set the bar high, try not to include any complete words in your passwords.
Tips for avoiding having your password hacked
- Don’t login using your password on a public wifi….even at Starbucks. These networks are in place for our convenience but are not secure. Using any site that requires you to type in a password while connected to an unsecure network puts you at risk. You might be thinking that you don’t really care if your twitter account gets hacked, but your twitter password may provide clues to other passwords you have protecting more serious accounts such as banking. Which leads perfectly to the next tip...
- Do not repeat the same password across multiple sites. I understand it is hard to juggle multiple passwords and as tempting as it is to just stick with one password for all sites it just isn’t smart. Also do not think a password is different just because you juggle some numbers around, add a character or change what letter is uppercase. aBC132 is the same as abC123.
- Avoid using names in your passwords or any information that can be found on your social sites. It might be tempting to you use your spouse's name with your wedding date as your password but this information is easy for anyone to guess viewing your social media profile. Same goes for pets, kids etc. Avoid using any information that can be found online attached to your identity.
- Try not to create any record of your passwords. After learning that you need to have multiple and different passwords, it might be hard to fathom how to remember which password is tied to which account without some sort of record. If you can’t commit this information to memory (I have trouble with this) and need to have some sort of record than physically write it down, I suggest in a notebook, and keep it in a safe place. Never make a digital copy of your passwords. Even an Excel Spreadsheet saved on your hard drive, and not to a cloud database, is a risk. Also, if you choose to write down your passwords try to create some sort of shorthand that would be hard for anyone other than yourself to understand.
- Be careful who you share your passwords with. In most cases share your passwords with no one, but if you for any reason you need to share your passwords with a spouse or financial advisor make sure you ask how they plan on storing the password. It is your right to request your password not to be saved in any sort of database. Ask as many questions as you need to feel safe before ever sharing your password. Again, your password is safest when you keep it to yourself. If you ever have to divulge your password to a sales associate or customer service rep. change your password after they are done working within your account.
Also remember to change your passwords about twice a year or at the first sign of any unusual behavior within any of your accounts. If your email account was hacked it would most likely be wise to do a total password overhaul on all platforms.
Being able to do everything online is so convenient. But along with the luxury comes responsibility and risk. Take responsibility to protect yourself and create passwords that are strong. There are tools available to help you test the strength of your passwords.Originally published on Family Online Safety Institute.