Some people have one password strategy: a bad one. It is not a good idea to use the same default password for all your accounts. If you have not put much thought into your password strategy, now is an excellent time to give it a try. Creating strong passwords can help prevent casual hacking of your accounts and prevent identity theft and other significant problems.
How bad is the problem of stolen account information, including passwords? According to We Live Security, more than 15 billion account credentials for sale on cybercrime forums. You need to make sure these criminals do not have a direct entrance into all your accounts.
Creating Strong Passwords
Creating strong passwords is part art, part science, and part strategy. Despite widespread education about the dangers of using “password” as your password, it remains one of the most commonly used (or some variation thereof, such as “Password123” or “Password1!”) passwords today, according to Consumer Reports. These strategies will help you create more effective, stronger passwords.
- Use phrases rather than single words.
- Generate long passwords.
- Mix letters and numbers together in the body of the password.
- Have more than one capital letter in the password.
- Create a unique password for each account.
- Use a password management program to keep all your passwords organized and to generate unique passwords for you.
- Change your password if it is revealed in a data breach.
- Be savvy about phishing schemes where people may be trying to get your password by sending emails that appear official but are not. Most providers will not ask for your password in an email. Ever.
Think about all the accounts you have: social media, email, banking, utilities, streaming, and likely many more. It is conceivable that you have 50 or more accounts that all need strong passwords. Password managers can help you manage across all your devices without risking repeats or making it easy for hackers to compromise.
Are Your Passwords Compromised?
Suppose you have received a letter in the mail informing you of a data breach that includes your information. In that case, the odds are good that your password is compromised. What does that mean? It means every account associated with your email address that uses the same password is also compromised.
What if you have not received a notification? There are programs out there that look out for you, like Firefox Monitor from Mozilla and Password Checkup from Google. You can use these tools to see if your email address has been part of a data breach. These services will notify you via email if a known data breach has compromised your accounts.
Of course, there is more you can do to keep your information safe and secure. One of those options is to use multi-factor or two-factor authentication to add a layer of security to your important accounts.
Multi-Factor Authentications
Multi-factor authentication, or MFA, requires multiple forms of authentication to make your account information available to you. Some may send a code via email or text or even require a token in addition to your password. Some recommend against using text messaging for multi-factor authentication because spammers can intercept those codes and access your information regardless.
Alternatively, you can use a service like Google Authenticator or Microsoft Authenticator to verify your identity on your behalf once you have registered a specific device with the service. The bottom line is that it is always in your best interest to strengthen your passwords as much as possible. Doing so reduces the risks of others accessing your accounts.
Takeaway
- Billions of account credentials are currently listed for sale on the dark web.
- Weak passwords offer low-hanging fruit to hackers and scammers.
- Strong, unique passwords, are the most effective solutions for account security.
- Multi-factor authentication provides an additional layer of protection for your accounts and information.