In our modern world today, we use passwords for everything.
No doubt you have your favourite, however with increasing security breaches across many big web portals it's critical to ensure you protect yourself as best as you can - without going crazy or paranoid of course.
The very real worry is that the breach of one website exposes your details, particularly username - normally an email and your password - to a vast underworld for sale. You may be thinking, "So what, it's just one site and probably not important", however what are the odds that same email and password are used not just at one other site, but likely at 5 other, 10 other, ALL other websites you use?
So what can you do to minimise the risk as much as possible of either your password being guessed, or otherwise it being hacked and tried on other sites you may have accounts on?
Create Secure Passwords
According to SplashData's annual report of the 25 most common passwords thankfully 'password' is no longer the most popular. Unfortunately the next popular is now number 1 - '123456′...
Microsoft has an excellent page on information and tips on creating secure passwords.
Among the tips, a strong password:
Examples
Uppercase letters
A, B, C
Lowercase letters
a, b, c
Numbers
0, 1, 2, 3, 4, 5, 6, 7, 8, 9
Symbols found on the keyboard (all keyboard characters not defined as letters or numerals) and spaces
` ~! @ # $ % ^ & * ( ) _ - + = { } [ ] |:; " ' < >,.? /
In creating a new secure password, substitute numbers for letters. For instance instead of 'Monday Tonight' as a password, you could use 'M0nd4Y_2N1t3′ or something similar.
Two Factor Authentication
This is slowly becoming more widely used. First you use your password, but second you have a challenge question, like "What is your Mother's Maiden name?". Other Secondary Authentications can include a code sent to you phone via SMS - so this immediately adds a further layer of complexity towards hackers breaching your security.
There of course is still the question of hacking a site via a backdoor (ie not via the normal above routes... )
Create Unique Passwords
This is the tricky part, to be secure, don't use a password more than once across your sites.
That's the official recommendation and while definitely true, we'd prefer to recommend scales of passwords.
For Instance:
Critical Passwords: Internet Banking, Perhaps Social Media - Create Unique Passwords
Medium Passwords: Online Stores that Store Your Credit Card Info - Create Similar, but maybe slightly changed passwords
Everyday Low Risk: Logins to Forums, Basic Online Stores (that Don't store card details) etc... - Use the same password.
An Online 'Black Book'
Another tip is to use a password storage service, these can integrate with browsers and websites and some can even integrate across platforms.
Some good ones include:
While we have passwords, unfortunately we will have hackers and they will win some battles. But as long as you mitigate your risk as best you can you go a long way to protecting valuable money and data.
No doubt you have your favourite, however with increasing security breaches across many big web portals it's critical to ensure you protect yourself as best as you can - without going crazy or paranoid of course.
The very real worry is that the breach of one website exposes your details, particularly username - normally an email and your password - to a vast underworld for sale. You may be thinking, "So what, it's just one site and probably not important", however what are the odds that same email and password are used not just at one other site, but likely at 5 other, 10 other, ALL other websites you use?
So what can you do to minimise the risk as much as possible of either your password being guessed, or otherwise it being hacked and tried on other sites you may have accounts on?
Create Secure Passwords
According to SplashData's annual report of the 25 most common passwords thankfully 'password' is no longer the most popular. Unfortunately the next popular is now number 1 - '123456′...
Microsoft has an excellent page on information and tips on creating secure passwords.
Among the tips, a strong password:
- Is at least eight characters long.
- Does not contain your user name, real name, or company name.
- Does not contain a complete word.
- Is significantly different from previous passwords.
- Contains characters from each of the following four categories:
Examples
Uppercase letters
A, B, C
Lowercase letters
a, b, c
Numbers
0, 1, 2, 3, 4, 5, 6, 7, 8, 9
Symbols found on the keyboard (all keyboard characters not defined as letters or numerals) and spaces
` ~! @ # $ % ^ & * ( ) _ - + = { } [ ] |:; " ' < >,.? /
In creating a new secure password, substitute numbers for letters. For instance instead of 'Monday Tonight' as a password, you could use 'M0nd4Y_2N1t3′ or something similar.
Two Factor Authentication
This is slowly becoming more widely used. First you use your password, but second you have a challenge question, like "What is your Mother's Maiden name?". Other Secondary Authentications can include a code sent to you phone via SMS - so this immediately adds a further layer of complexity towards hackers breaching your security.
There of course is still the question of hacking a site via a backdoor (ie not via the normal above routes... )
Create Unique Passwords
This is the tricky part, to be secure, don't use a password more than once across your sites.
That's the official recommendation and while definitely true, we'd prefer to recommend scales of passwords.
For Instance:
Critical Passwords: Internet Banking, Perhaps Social Media - Create Unique Passwords
Medium Passwords: Online Stores that Store Your Credit Card Info - Create Similar, but maybe slightly changed passwords
Everyday Low Risk: Logins to Forums, Basic Online Stores (that Don't store card details) etc... - Use the same password.
An Online 'Black Book'
Another tip is to use a password storage service, these can integrate with browsers and websites and some can even integrate across platforms.
Some good ones include:
- LastPass
- Password Genie
- SplashID
While we have passwords, unfortunately we will have hackers and they will win some battles. But as long as you mitigate your risk as best you can you go a long way to protecting valuable money and data.
