How often have we created a new username and password on the fly? Creating credentials is a standard part of our daily lives as we download more apps, subscribe to more platforms, and open new accounts. There are common practices that people follow when creating a new password. For example, make it easy to remember but hard for someone to guess. Change things up and add capitalization, special symbols, or numbers. Most importantly, don’t use the same password across multiple pages.
However, as technology continues to make bigger leaps and bounds and scammers use smarter and more sophisticated means of collecting your private data, there are some new best practices regarding our first line of defense: Password creation. In the second blog of our Refreshers series, we share some general tips and tricks that you may, and may not, already know.
- Number of Characters – Have you noticed that most sites that ask you to create credentials do not have a maximum number of characters? The shorter the password, the easier it is to decipher. Having a password that is at least 14 characters long is recommended.
- Words that Don’t Exist – Although it seems impossible, words that can be found in the dictionary or pop culture are also at risk of being deciphered. Instead, opt for obscure words or create different spelling to increase complexity.
- Stay Off Special Characters – Remember that some routers and devices do not allow certain characters. This almost seems counter-intuitive as special characters help strengthen passwords when mixed with numbers and letters, but the parameters are set for several reasons. For example, using just special characters in your password makes you more prone to getting your credentials hacked. Although it would be hard for a person to guess what special character or combination of characters you used for your password, a hacking program would be able to do so very easily. Another reason why you’ll find you can’t add specific special characters is that the software used to store the passwords will run into coding issues. Those special characters you use might be what could potentially break the software and make it therefore susceptible to hacking.
- Never include your password in any form of communication. It doesn’t matter if it is an email, a text message, or a DM on social media, you never want that information to be intercepted. For example, if you get a message asking for your login information, always contact the source directly to see if it is a scam. Most likely, it will.
- I’ll Give You a Hint – Even though writing down your passwords is strongly discouraged, you can always nudge yourself in the right direction. Writing down a hint to your password versus writing down the entire thing is a lot more secure. Think of it as a private inside joke with yourself!
- Don’t Get Comfortable – Changing your passwords every three to six months helps keep your log-in credentials elusive.
- Change it Up – Multi-Factor Authentication is quickly becoming more popular as it increases your account’s security by requiring a second method of verification before or during log-in. A second code or number gets sent to you to verify that it is you logging in. You can even add Two-Factor Authentication to your No-IP log-in.
- Work Smarter, Not Harder – Use your browser’s security settings to your advantage. For example, Chrome will notify you that there has been a data breach compromising your password info, but only if you enable it to do so. You’ll need a Google Account to access a Google Password Manager, but it may be worth keeping on top of any hacking attempts. Once you have your passwords entered, The Google Password Manager will not only notify you when there is a data breach, but also allow you to update them at the same time. This is a lot easier than switching back and forth to different log-ins and trying to guess which ones have been attempted.
- Banish those little notebooks and sticky notes all over your computer! There is still a lot to embrace with all the advances in technology, including storing lists of passwords. LastPass, DashLane, or LogMeOnce are a few of the many different password managers that will encrypt your lists of passwords so you can rest easy that the information is accessible and safe.
- Caution – Linking accounts might be an easy way to avoid remembering multiple passwords, but easier is not always safer. It is common to find different log-in pages that prompt if you want to link an existing account, like Facebook. While this does save time without having to create a brand new password, linking accounts poses a greater security risk. Linking accounts means giving the new account access to your data whether you want it to or not. If one account is compromised, the other one is surely at risk of being hacked as well.
Creating a password that fits all the right criteria might be taxing, but the more effort and care you take into doing so, the better. Everything that is password protected is worth taking the time and energy to make sure you get it right, as well as difficult for prying eyes and hackers to try and capture it.