This article on news.com.au sounds pretty scary.
Your password/s are the keys to your digital kingdom, and their secure because they’re stored only in your mind and not on a piece of paper in your pocket or on the side of your monitor. Which means unlike with normal keys, they are a pleasure to lug around with you in tight jeans. They’re also not easy to lose, unless you lose your mind, which does happen momentarily, admittedly more than we’d like. Still with digital keys you will thankfully never get asked, “Where did you see them last?”, unless that person is being cute or an ass.
For all the great things about password or digital keys, there are also some detractors compared to traditional keys. For one, if someone was standing at your front door trying millions of different keys hoping to get the right one, you would cotton on to it, and impolitely ask them to leave; however this isn’t always the case with your online doors. Another advantage is that there is little chance of a nogoodnik figuring out how to fashion your key by going through your garbage or knowing your favourite movie.
Making memorable passwords is a must, because human memories aren’t that great. But this can make maintaining good password protocols a tough exercise, especially if you’re a fair way into your internet life and have already used all the memorable passwords that you can think of.
Meaning every time you find out about a new service that’s popped up online, which obviously requires yet another password, you might not have anything to give.
There is often the option of logging in with your Facebook or Gmail account, but that’s just akin to using the same password. Which as we all know, will come with the advantage that you won’t forget it, but unfortunately that will be of little consolation to you, when every account you own has been hacked at once, allowing hackers to delete all your funny Youtube videos and post to Facebook views on Tony Abbott’s leadership that you may agree with, but don’t want out in the public domain.
Tip: Making a password longer, exponentially increases the difficulty to crack it. The easiest way for us humans to make our passwords long is to make them into phrases.
Example: Gmailis5letters&no#s or perhaps : ILike2get(email)
Pro Tip: Don’t use these two.
Sometimes when you enter a password they tell you how strong it is, unfortunately for those competitive souls out there, this can lead to a 20 character password of random numbers letters and symbols just to get a high score.
Tip: Don’t push yourself too hard, if you don’t think you’ll be able to remember it, then there’s really no point in it’s added security, unless you also want to be locked out along with everyone else.
Sometimes being a cryptographic genius is warranted, say if you work as an online security manager or find yourself sent back in time to be an Enigma code breaker in World War 2. While in those situation having 6 levels of randomly generating passwords is good form. In your personal life though, the time it will take you to log in to Gmail might actually negate the time saving value of email over traditional mail.
Still you do need to include numbers, symbols and CAPITAL LETTERS to make your password that much stronger. Just adding your favourite number to the end isn’t enough. By substituting letters like i’s with 1’s, and e’s with 3’s, or even consider L’s as rotated 7’s you can turn a simple password that you may already remember into something no one can crack.
Considered an easy option, Password Managers offer users the ability to store their usernames and passwords to any site. Which means instead of having to log in to the particular service you can simply enter your password manager login details and gain access.
While this is quite convenient, it is also quite similar to using the same password for all your accounts as getting access to your master password will leave all your accounts vulnerable. If you still like the idea then you should try and make the password manager password as strong as possible, by using all the password tips you can find. Or make sure you have 2-step verification enabled.
If you’re looking for some extra security, then you should try 2 Step Verification. It improves your security by adding an extra layer, so you not only need the right password, but also to have access to either an email or mobile phone number. When you go to login on a strange foreign device you will then receive an instant message with a randomly generated code number, which you will then have to enter to get into your account.
While this can take longer to log into your device, if you use your mobile number, a hacker would need to have access to your phone, thus excluding any hackers not in the vicinity. This added security can even make your account with a password of 12345678 hard to crack.
Tip: If you access your accounts regularly from a personal device you can make that device trusted so you don’t need to perform 2 Step verification more than once.
Pro Tip: Microsoft, Google, Facebook + a lot of other big web services, offer 2 step verification, so if you’re using those accounts to log into numerous other services make sure you protect yourself.
The bane of all good passwords is the suggestion that for security reasons you need to change your password regularly. This is however, if we’re honest with ourselves, something that only password zealots actually do it. Mainly because we’ve got other things on our mind, for example, worrying about meeting stringent hotdog eating competition entry requirement. We also don’t regularly change our passwords because it’s just too hard. If you did what is recommended, you’d only just finish learning your passwords before having to change them to something different.
The main reason behind needing to change them though, is not security from outside hackers, it’s actually from people you know or who have may have access to your account. This happens mainly in office’s when someone needs a file and it’s only on your computer, so you then have to give them your password so they can access it. Next thing you know, your password is the name of the staff volleyball team, and it’s screen printed on their team uniforms.
So if you’ve come up with a password which you really like, (don’t feel embarrassed, it’s easy to get attached), if you don’t want to change it, then don’t share it with anyone, yes that means even your partner. If someone needs a file, share or send it to them. If you have people accessing your computer, set up a guest account whose password you can bandy about. Fortunately with the advent of Office 365 for business you’ll be able to access all your files from the cloud and share them too. If it’s good enough for Byte Grylls then it’s good enough for you.
This post originally appeared on: