Create Strong Passwords/Pass Phrases
The days of solely focusing on password complexity are over. A good password is one that is easy for you to remember, but difficult to guess. The following tips will help you in creating a strong, memorable password:
- Longer is stronger. The best passwords are at least 10 characters in length. Include some capitalization and punctuation.
- Use a phrase. Pass phrases are easy to remember, but difficult to guess. If the service will allow, use spaces as special characters for added strength. This also makes the phrase easier to type.
- Misspell a word or two. Make a note of what was misspelled until typing the pass phrase becomes a habit (usually within a few days).
- Consider using a nursery rhyme, movie quote, or song lyrics, and then put a twist on it.
Unsure as to the strength of your password? Password strength checkers like How Secure is my Password? will rate your password's strength based on how long it would take to crack.
Protect Your Passwords
- Never share your passwords with others.
- Change your passwords periodically. If you have been compromised, change your passwords IMMEDIATELY.
- Don't enable the "remember password" function on websites.
- Use a unique password for each of your important accounts. Choosing the same password for each of your online accounts is like using the same key to lock your home, car and office: if a criminal gains access to one, all of them are compromised. It may be less convenient, but picking multiple passwords keeps you safer.
Use a Password Manager
Having to memorize numerous, long, complex passwords can be difficult. Password managers are a great tool that can generate and store passwords for you.
If you choose to use a password manager, you'll still have to remember at least one thing: your master password. Be sure to make it extra-secure and composed of at least 12 characters to ensure that it's not vulnerable to attack.
Enable Multi-Factor Authentication
Any time a service like Gmail, Facebook, or your bank offers "two-step" or "multi-factor authentication," use it. Passwords are no longer enough protection, especially for sensitive information. Multi-factor authentication (MFA) puts an extra layer of security on your accounts by requiring something you know (e.g., password) and something you have (e.g., cell phone receiving text message with additional code verifying your account).