To protect our family and belongings, we make sure our homes and cars have strong locks. To protect our important personal documents, we make sure they are stored in a secure location. To protect our digital identities and accounts, we must do the same thing. We need to make sure our passwords are both, strong and secure.
As technology has evolved, passwords have become part of our everyday lives. Whether it be for your job, an online account, or to confirm your purchase of the new Candy Crush Saga from your app store, you need a password.
With the average person having somewhere between 70 to 80 passwords, it is no wonder why creating simple passwords or using the same password for multiple accounts is appealing. While you may be able to remember every lyric to your favorite song from 8th grade, remembering complex passwords that change every few months proves impossible.
The good news is we have some tips to help you make sure your passwords are secure, easy to remember, and manageable.
- Length beats complexity. We’ve always been told that the best passwords have a number, letter (both cap and lower case), and a special character, but the rules have changed. A passphrase, a sequence of words or other text, provides a better option because it is long and can utilize full sentences that can be easily remembered. The ideal passphrase is 16 characters or more and should say something that carries personal meaning to only you (like those song lyrics from 8th grade). Ex. Mybankisthebestbank is more secure and easier to remember than Bo@t789.
- Never use easily discoverable information. While your password or passphrase can be something personal to you, it should not contain anything that is public knowledge, on a social media profile, or anything that is part of your username or login ID.
- Each account login ID should have its own unique password. Never use the same password across multiple accounts, because if your password gets hacked once, the criminal has access to all your accounts.
- When possible, use multi-factor authentication as an additional layer of security. Multi-factor (meaning more than one way to identify who you are) combines something you know (password or security questions) with something you have (one-time password provided to you at time of login) or something you are (fingerprint). Criminals would need more than your password to hack an account.
- Use a password manager. It can create, store, and sync credentials across multiple devices. Because even though a passphrase may be easier to remember…you still have 80 of them.
Using these best practices can help keep you and your family’s digital identities more secure.