We’ve been on the internet for almost 35 years, yet we still haven’t learned our lesson about online passwords. According to a recent security study, the most commonly used web passwords are things like “123456” and “password.” Sure, they’re easy to remember, but that makes them just as easy to hack. And if you use that simple password across multiple accounts—as a reported 92 percent of online users do—that puts all of your data at risk.
Creating strong passwords
You'll need to create a password to do just about everything on the Web, from checking your email to online banking. And while it's simpler to use a short, easy-to-remember password, this can also pose serious risks to your online security. To protect yourself and your information, you'll want to use passwords that are long, strong, and difficult for someone else to guess while still keeping them relatively easy for you to remember.
Here are a few tips for ensuring your passwords are as strong as possible.
1. MAKE YOUR PASSWORD LONG.
Hackers use multiple methods for trying to get into your accounts. The most rudimentary way is to personally target you and manually type in letters, numbers, and symbols to guess your password. The more advanced method is to use what is known as a “brute force attack.” In this technique, a computer program runs through every possible combination of letters, numbers, and symbols as fast as possible to crack your password. The longer and more complex your password is, the longer this process takes. Passwords that are three characters long take less than a second to crack.
2. MAKE YOUR PASSWORD A NONSENSE PHRASE.
Long passwords are good; long passwords that include random words and phrases are better. If your letter combinations are not in the dictionary, your phrases are not in published literature, and none of it is grammatically correct, they will be harder to crack. Also do not use characters that are sequential on a keyboard such as numbers in order or the widely used “qwerty.”
3. USE A COMBINATION OF LETTERS, NUMBERS, AND SYMBOLS.
Your password should always combine letters, numbers, and symbols, in both upper and lower case. Alphanumeric passwords are very difficult to guess. Keep the following character types in mind while creating your password:
Letters – A, B, C, D, e, f, g
Numbers – 1, 2, 3, 4, 5
Symbols – @, -, _, $
Upper Case – A, B, C, D
Lower Case – a, b, c, d
For example, “ItIs@saFePasswoD13” could be a good combination.
4. AVOID USING OBVIOUS PERSONAL INFORMATION.
You should create passwords that are easy to remember but difficult for others to guess. For example, a password as simple as “abcd123” can be easy for a hacker to figure out. Also, using your personal information, as in “mohit123,” can make you lose your data in no time. So avoid using personal information in your passwords, such as your pet's name, date of birth, or surname.
5. DO NOT REUSE PASSWORDS.
When hackers complete large-scale hacks, as they have recently done with popular email servers, the lists of compromised email addresses and passwords are often leaked online. If your account is compromised and you use this email address and password combination across multiple sites, your information can be easily used to get into any of these other accounts. Use unique passwords for everything.
6. START USING A PASSWORD MANAGER.
Password managers are services that auto-generate and store strong passwords on your behalf. These passwords are kept in an encrypted, centralized location, which you can access with a master password. (Don’t lose that one!) Many services are free to use and come with optional features such as syncing new passwords across multiple devices and auditing your password behavior to ensure you are not using the same one in too many locations.
7. KEEP YOUR PASSWORD UNDER WRAPS.
Don’t give your passwords to anyone else. Don’t type your password into your device if you are within plain sight of other people. And do not plaster your password on a sticky note on your work computer. If you’re storing a list of your passwords—or even better, a password hint sheet—on your computer in a document file, name the file something random so it isn’t a dead giveaway to snoopers.
8. CHANGE YOUR PASSWORDS REGULARLY.
The more sensitive your information is, the more often you should change your password. Once it is changed, do not use that password again for a very long time.
Hackers could keep trying to crack your passwords no matter how strong you make them. But these are good steps toward putting you in the know.
9. USE TWO-FACTOR AUTHENTICATION.
It is always better to add a second authentication factor, which may be a one-time password on your mobile. Many 2FA apps are available that you can use to secure your social accounts.
Common password mistakes
Some of the most commonly used passwords are based on family names, hobbies, or just a simple pattern. While these types of passwords are easy to remember, they're also some of the least secure. Let's take a look at some of the most common password mistakes and how to fix them.
Password: abhishek12rohit5
"I doubt anyone could guess my password! It's my kids' names and ages. Who else would know that?"
Problem: This password uses too much personal information, along with common words that could be found in the dictionary.
Solution: A stronger version of this password would use symbols, uppercase letters, and a more random order. And rather than using family names, we could combine a character from a movie with a type of food. For example, Chewbacca and pizza could become chEwbAccAp!ZZa.
Password: w3St!
"My password is so simple! It's just the beginning of my street address with a few extra characters."
Problem: At only five characters, this password is way too short. It also includes part of her address, which is publicly available information.
Solution: A stronger version of this password would be much longer, ideally more than 10 characters. We could also substitute a nearby street name instead of her current address. For example, Pemberly Ave could become p3MberLY%Av.
Password: 123abccba321
"My password follows a simple pattern, so it's easy to remember and type on my keyboard."
Problem: While patterns like this are easy to remember, they're also some of the first things a hacker might guess when attempting to access your account.
Solution: Remember that random passwords are much stronger than simple patterns. If you're having trouble creating a new password, try using a password generator instead. Here's an example of a generated password: e#V$pIg&qf.
If you use a password generator, you may also want to create a mnemonic device to make the password easier to remember. For example, H=jNp2# could be remembered as HARRY = jessica NORTH paris 2 #. This may still feel pretty random, but with a bit of practice it becomes relatively easy to memorize.
Password: BrAveZ!2
"I use the same passwords for all my accounts. This way, I only have to remember one password!"
Problem: There's nothing really wrong with this password, but remember that you should never use the same password with different accounts.
Solution: Create a unique password for each of your online accounts.
Password: m#P52s@ap$V
"I use a password generator to create all of my passwords. They're not super easy to remember, but that's OK; I also use a password manager to keep track of them."
This is a great example of a strong password. It's strong, long, and difficult for someone else to guess. It uses more than 10 characters with letters (both uppercase and lowercase), numbers, and symbols, and includes no obvious personal information or common words. This password might even be a bit too complicated to remember without a password manager, which underscores why they're so helpful when creating a strong password.
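The tips above can be turned into an automatic check and run against the example passwords from this section. The following Python code is an added example, not part of the original article; the short common-password list, the keyboard sequences, and the guess rate of 10 billion per second are assumptions chosen for illustration.

```python
import string

# Constructed sample data; a real check would use a large breached-password list.
COMMON = {"123456", "password", "qwerty", "abcd123"}
SEQUENCES = ["0123456789", "abcdefghijklmnopqrstuvwxyz",
             "qwertyuiop", "asdfghjkl", "zxcvbnm"]
CLASSES = {"lowercase": string.ascii_lowercase, "uppercase": string.ascii_uppercase,
           "number": string.digits, "symbol": string.punctuation}
MIN_LENGTH = 11            # the article's "more than 10 characters"
GUESSES_PER_SECOND = 1e10  # assumed attacker speed, not a figure from the article


def seconds_to_exhaust(password):
    """Worst-case brute-force time: (size of character pool) ** length / rate."""
    pool = sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))
    return pool ** len(password) / GUESSES_PER_SECOND


def has_sequence(password, run=3):
    """True if `run` characters in a row follow a keyboard or counting sequence."""
    low = password.lower()
    return any(s[i:i + run] in low
               for seq in SEQUENCES for s in (seq, seq[::-1])
               for i in range(len(s) - run + 1))


def check_password(password, personal=(), used_elsewhere=()):
    """Return the list of tips the password violates (empty list = none)."""
    findings = []
    if password.lower() in COMMON:
        findings.append("common password")
    if len(password) < MIN_LENGTH:
        findings.append("too short")
    findings += [f"no {name}" for name, chars in CLASSES.items()
                 if not any(c in chars for c in password)]
    if has_sequence(password):
        findings.append("sequential characters")
    if any(p.lower() in password.lower() for p in personal if p):
        findings.append("personal information")
    if password in used_elsewhere:
        findings.append("reused")
    return findings


if __name__ == "__main__":
    for pw, info in [("abhishek12rohit5", ("abhishek", "rohit")), ("w3St!", ()),
                     ("123abccba321", ()), ("m#P52s@ap$V", ())]:
        print(f"{pw!r}: {check_password(pw, info) or 'ok'} "
              f"({seconds_to_exhaust(pw):.1e} s to exhaust)")
```

The time estimate is only an upper bound for blind guessing: a password that appears in a leaked list or follows a pattern falls much sooner, which is why the checker reports those findings separately.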
Remember to use these tips whenever you create a password to keep your online information safe and secure.