I’m sure you’ve seen news articles every year about how the most common passwords are “12345”, “123456”, etc. You probably roll your eyes and ponder how careless some people can be. But is your password any better?
I work with many fine folks who entrust their information and data to me. I am shocked at how short and simplistic many passwords are. It’s not a knock on them. I worry about their digital safety and advise them to improve their security. Criminal threats are becoming bolder and many people are sincerely too focused on their day-to-day to re-evaluate passwords set up some time back.
Would you rather spend an hour changing passwords?
Or several days recovering from a hack?
If you’ve used the same simple password everywhere (e.g., major admin accounts, email, financial, etc.) for a long time, it’s about time to change it before something bad happens.
Definitely change your…
- Email accounts — Gmail, Yahoo Mail, Outlook, etc.
- Social Media accounts — LinkedIn, Facebook, Pinterest, Instagram, Snapchat, etc.
- File sharing accounts — Dropbox, Box, etc.
- Domain registrar and web hosting — GoDaddy, Register.com, Network Solutions, etc.
- Misc. — Amazon Web Services, Wunderlist, Netflix, Hulu, etc.
This is a hassle. How can I make it easier?
Security is a necessity in our digital age. Password management software can help you securely store the info and generate random passwords. Then you can sync the data between your desktop/laptop, tablet and smartphone. Examples include: LastPass, 1Password, Dashlane, KeePass, etc. Search Google for “password manager” to start your own research.
What’s a strong password?
- Minimum of 14 characters.
- Combination of letters (upper/lower case), numbers and special characters if the website allows.
- Don’t use a single word or a common phrase.
- Use a different password on every website. (Yes, it’s a nuisance, yet it helps reduce the damage if one website gets hacked.)
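The checklist above, turned into code as an added example that is not part of the original post: it generates a random password, checks a password against each rule, and flags reuse across sites. The symbol set, the short common-password list and the sample site names are assumptions made for the example.

```python
import secrets
import string

MIN_LENGTH = 14  # minimum length from the checklist above
SYMBOLS = "!@#$%^&*()-_=+[]{}"  # assumed symbol set; sites differ in what they accept
# Tiny constructed sample; a real check would use a large list of known-bad passwords.
COMMON = {"12345", "123456", "password", "qwerty", "letmein"}

def generate_password(length=20, use_symbols=True):
    """Return a random password that contains every required character class."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    classes = [string.ascii_lowercase, string.ascii_uppercase, string.digits]
    if use_symbols:
        classes.append(SYMBOLS)
    alphabet = "".join(classes)
    while True:
        # secrets draws from the OS CSPRNG; the random module is not suitable here.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Rejection sampling keeps the result uniform over all compliant passwords.
        if all(any(ch in cls for ch in candidate) for cls in classes):
            return candidate

def check_password(password, symbols_allowed=True):
    """Return the list of rules from the checklist that the password breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 14 characters")
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        problems.append("needs both upper and lower case letters")
    if not any(c.isdigit() for c in password):
        problems.append("needs a number")
    if symbols_allowed and all(c.isalnum() for c in password):
        problems.append("needs a special character")
    if password.lower() in COMMON or password.isalpha():
        problems.append("single word or common password")
    return problems

def find_reuse(vault):
    """Map each password used on more than one site to the sites sharing it."""
    by_password = {}
    for site, password in vault.items():
        by_password.setdefault(password, []).append(site)
    return {pw: sorted(sites) for pw, sites in by_password.items() if len(sites) > 1}

if __name__ == "__main__":
    vault = {"mail.example": "Summer2014", "shop.example": "Summer2014",
             "bank.example": generate_password()}  # constructed sample entries
    for site, pw in vault.items():
        print(site, check_password(pw) or "ok")
    print("reused on:", list(find_reuse(vault).values()))
```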
Tips:
- Some suggest picking the first letter of every word in a phrase and adding some other numbers and characters to that. You could look at your keyboard and create a pattern you can easily remember.
- Most importantly, try to use a different password on every website. That way if one gets hacked, all your others won’t easily be compromised.
- Enable 2-step authentication if available. (Here’s how for Gmail.)
- Share passwords only on a need-to-know basis.
- Don’t email your login credentials. Email sent between two parties can’t reliably be trusted as secure without taking some significant encryption steps.
- If you need to share, some websites allow you to create sub-accounts to delegate limited account access. That way you retain your password and full access while your employee/contractor uses their own login to access only what they need to perform tasks for you.
- Log out when you’re done, especially if someone else has access to your computer, tablet or phone.
Become a less desirable target.
Nothing is perfect, but you shouldn’t make yourself an easy target. Remember The Club steering wheel lock? Even though I knew it could be defeated by a skilled car thief, I was a devoted user of that monster for a decade because its best purpose was PREVENTION. Devices and alarms are deterrents to make your car more of a hassle to steal so the thief hopefully moves on to an easier target.
Apply that same logic to your digital assets. Make it difficult for the bad guys so they hopefully move on down the road.
I hope you find this helpful.
-Roland
Learn more:
- Strong password checkers by: LastPass or Kaspersky
- NY Times: Flaw calls for altering passwords, experts say
- Heartbleed official website