Coming up with secure passwords is one of the most important tasks of your digital life, and it’s certainly one of the most tedious. But that’s not reason enough to stick with simple, generic codes.
While you may think that spelling your dog’s name backwards is a clever way to deceive any prying eyes, it can actually make you very susceptible to hackers. And when you use that same password for all your online accounts, email boxes and secured devices, you’re multiplying your risk.
You wouldn’t trust your wallet under the protection of your eight-pound dachshund; so don’t trust him with your digital assets, regardless of the easy-to-remember lure of “yffulf.”
An ideal password includes an alphanumeric series, with varying upper and lower case letters. The code should have no apparent significance to an outsider.
Some basic rules for creating a secure password include:
- Use a minimum of eight characters. Ten characters or more is best.
- Change your passwords every six months. Attackers with the correct tools and enough time can crack any stagnant code. This is vital for banking and credit card accounts, where your identity and finances can be directly affected.
- Incorporate symbols into your password along with numbers and letters.
- Create a unique password for all your different accounts.
- Test your password’s strength with a secure password checker.
Some common errors to avoid when creating your password:
- Avoid any varied spelling of your name or your name combined with numbers.
- Don’t use names of people or places that are significant to you, e.g. pet names (sorry Fluffy), family members or friends.
- Don’t use the same word as your user name.
- Avoid dictionary words.
- Stay away from consecutive number or alphabet sequences, e.g. 123456, abcdef.
- Don’t use real words in any language.
Microsoft offers a convenient guide that can help you craft a secure password that is easy to remember.
Even with this system, remembering multiple passwords for all your accounts can become tedious. While you can write the passwords down – if you choose to do this, store the list in a safe place away from your computer – employing a password generating and storing service is a simpler, more secure option. There are many paid services available online, but here are a few free sites you can try:
LastPass is a secure password service that stores all your passwords and login information in an encrypted account. Along with creating and storing high-quality passwords, LastPass also stores your login information and personal profile to automatically fill out forms online with one click. The only password you will be required to enter is the LastPass master password, hence “Last Pass(word you’ll ever have to remember)”. Clever, huh?
The system works on multiple browsers, including Internet Explorer, Mozilla Firefox, Safari and Google Chrome, and it can be implemented on different PCs. Because LastPass automatically synchronizes your data, you can access it from anywhere.
For $1 per month, you can upgrade to the premium service, which allows you to encrypt passwords on your smartphone and have access to LastPass priority support.
Logaway is a user-friendly secure password service similar to LastPass. It employs several levels of security checks, including text and phone confirmations to prevent unauthorized users from accessing your information. The amount of accounts you can register with Logaway is unlimited, and they offer a “Live Help” option on their website, where you can speak directly with an agent if you have any problems with your account.
With a visually-appealing design, Logaway offers users more opportunities to customize their accounts. A free gadget tool is available for individual users to tailor their Logaway homepages. These add ons include sports scores, news updates and movie times, among many other options.
KeePass is an open source password manager that offers master key technology like Logaway and LastPass. KeePass also offers the option of using key files, which provide better security than master passwords in most cases. The key file is stored on an external drive, USB stick or CD and no master password is necessary. While you don’t have to remember any passwords at all with this feature, you do have to make sure not to lose the drive.
If, like mine, your possessions tend to behave like fugitives, you can opt for both the key file and password. In this case, if you lose your key file, the database would remain secure.
Whether you choose to use a password service or create your own secure codes, make sure they fit these guidelines. Your assets will be protected, and Fluffy will appreciate the break.