Think about the number of personal identification numbers (PINs), passwords, or passphrases you use every day: getting money from the ATM or using your debit card in a store, logging on to your computer or email, signing in to an online bank account or shopping cart...the list seems to just keep getting longer. Passwords are like keys to your personal home online. You should do everything you can to prevent people from gaining access to your password.
One of the best ways to protect information or physical property is to ensure that only authorized people have access to it. Verifying that someone is the person they claim to be is the next step, and this authentication process is even more important, and more difficult, in the cyber world. Passwords are the most common means of authentication, but if you don't choose good passwords or keep them confidential, they're almost as ineffective as not having any password at all. Many systems and services have been successfully broken into due to the use of insecure and inadequate passwords, and some viruses and worms have exploited systems by guessing weak passwords.
Tactics to use when choosing a password:
- Avoid the obvious. While you may be tempted to use your birthday or phone number or even the word “password,” don’t do it. All of these practices are more common than you might think and makes your online banking password more at risk of compromise. Try to come up with something that no one would ever guess.
- Go For Long, Not Short. Short passwords can be easily memorized by someone looking over your shoulder and are easily cracked using certain types of hacking software. Make yours longer, maybe an entire sentence, if possible. The more characters there are, the harder it will be to figure out.
- Mix it up. Use a variety of different characters: upper-case letters, lower-case letters, number, even an “!”,” &”, or a” %”. The more variety you can use, the better. You can even get creative. For instance, “sandcastle” can turn into “s&castle.”
- Change Your Password Often. It’s easy to get lazy and use the same password year after year, but internet security experts suggest changing your password every 30 – 60 days. Think of it as changing locks on your online life once a month. It’s free, easy, and keeps your online bank account as secure as possible, so why not do it?
- Don't Use the Same Passwords for All of Your Accounts. In the event that someone figures out one of your passwords, the last thing you want is for them to be able to access all of your personal information. You can use a password manager to store them securely online. Password managers can remember and enter your password on different websites, which means you won't have to remember longer passwords. Examples of password managers include LastPass, 1Password, and Google Chrome's password manager.
Think your current password is good enough? Visit www.useapassphrase.com to see how long it would take a hacker to crack. You might be surprised with how quickly you can be compromised!
There's no guarantee that these techniques will prevent an attacker from learning your password, but they will make it more difficult.