We all remember the days when computer passwords were something simple, like your birthday, a pet’s name, or—more often than not—“password” itself. We didn’t know it at the time, but we were living in an age of blissful ignorance, never giving online security much thought . . . until the fateful day we started hearing about corporate data breaches and hackers stealing people’s identities.
These days, it’s not enough to simply have a password—you need a strong password that will stand up to the brute force attacks of today’s sophisticated hackers. While that may sound intimidating at first, you might be surprised how easy it is to create a password that makes Alcatraz look more like a luxury island getaway.
In this article, we’ll explore the importance of setting STRONG passwords on all your online accounts by covering the following topics:
- What constitutes a strong password?
- 4 Tips for creating strong passwords
- How many different passwords you should have
- How often you should change your passwords
- Why you should be using a password manager
In addition, we’ll discuss the many benefits of implementing a password-less environment via Identity as a Service (IDaaS). So, let’s get started!
WHAT CONSTITUTES A STRONG PASSWORD?
While the “perfect password” is a hotly debated topic amongst cybersecurity experts, most will agree that a strong password is at least eight characters long and contains a mix of uppercase and lowercase letters, numbers, and symbols.
In addition, a strong password should not be a dictionary word, proper noun, or easily guessed by someone who knows you well (e.g., your birth date, your mother’s maiden name, the street you grew up on, etc.).
4 TIPS FOR CREATING A STRONG PASSWORD
Now that we know what makes a good password, let’s look at four password tips for creating logins that are both strong and memorable.
1. Use a mix of letters, numbers, and symbols
As we mentioned before, one of the key ingredients of a strong password is using a mix of different characters. A good way to remember this is to think of your password as a phrase rather than a single word. For example, the phrase “I love spending time with my family!” could become “1L0v3Spend1ngT1m3w1thMyF@m1ly!”
2. Make it at least eight characters long
The longer your password is, the more difficult it will be for hackers to crack. If you’re having trouble coming up with a long password, try using a passphrase (as we did in the example above). The more random and memorable the phrase (for you), the better. If you’re a big Chicago sports fan, for instance, something like “The Chicago White Sox won the 1906 World Series!” can easily be remembered as “tCWSwt1906WS!”
3. Utilize password variations
A common problem with using unique passwords for different accounts or regularly changing your passwords is that it can get downright difficult to create and remember them all. To help with this, you could use a slight variation on an existing password. For example, the White Sox also won the 1917 World Series, thus “tCWSwt1917WS!” This is certainly better than using the same password for multiple things.
An even better option, and the option we recommend, is to use a password manager like LastPass (more on that below) to help generate and store your passwords for easy retrieval when you need them. This way you don’t need to rely on your memory.
4. Use a random password generator
If you’re still having trouble coming up with strong passwords, you can always use a random password generator. This is a tool that creates a completely random password for you, typically between eight and 16 characters long.
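The following Python code is an added example, not part of the original article or any product it mentions: it generates a random password from the operating system's cryptographic random source and checks it against the criteria listed earlier (at least eight characters, a mix of uppercase, lowercase, numbers and symbols, no personal details). The function names and the `banned_terms` parameter are assumptions chosen for illustration.

```python
import math
import secrets
import string

# Character classes named in the article: uppercase, lowercase, numbers, symbols.
CLASSES = (string.ascii_uppercase, string.ascii_lowercase,
           string.digits, string.punctuation)
ALPHABET = "".join(CLASSES)
MIN_LENGTH = 8  # the article's minimum length


def meets_article_criteria(password, banned_terms=()):
    """Check length, character mix, and absence of guessable personal terms."""
    if len(password) < MIN_LENGTH:
        return False
    if not all(any(ch in cls for ch in password) for cls in CLASSES):
        return False
    # banned_terms (hypothetical parameter): names, dates, streets and other
    # details someone who knows the user could guess; matched case-insensitively.
    lowered = password.lower()
    return not any(t and t.lower() in lowered for t in banned_terms)


def generate_password(length=16):
    """Draw characters from the OS CSPRNG until every class is present."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if meets_article_criteria(candidate):
            return candidate


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Upper bound on guessing entropy for a uniformly random password."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    for n in (8, 12, 16):
        print(n, generate_password(n), f"~{entropy_bits(n):.0f} bits")
```

Each extra character adds about 6.5 bits with this 94-character alphabet, which is why a 16-character random password is far harder to brute-force than an 8-character one.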
Some free and paid password generators we recommend include:
HOW MANY DIFFERENT PASSWORDS SHOULD YOU HAVE?
One of the worst things you can do when it comes to password security is to use the same password for all of your accounts. If a hacker manages to guess or steal your lone password, they will instantly have access to everything, which, needless to say, is NOT good.
The exact number of unique passwords you should have will ultimately depend on how many different types of accounts you have. What you want to have is a different password for each of your most important online accounts (e.g., email, banking, etc.).
The best option, again, is to use a password manager to generate secure passwords and keep track of all of them. Many password managers will even alert you if you’re using duplicate passwords and prompt you to change them.
HOW OFTEN SHOULD YOU CHANGE YOUR PASSWORDS?
In addition to using different passwords for each account, you should also change your passwords on a fairly regular basis. There is, however, a lot of debate on how often you should change your passwords. Again, it depends on the sensitivity of the information being protected.
Some experts say you should change your passwords every 30 days, while others say you should only change them when there is a compelling reason to do so (i.e., if you suspect your password has been compromised).
At the end of the day, it’s up to you how often you want to change your passwords. Just know that the more frequently you change them, the more difficult it will be to remember them all—which is where password managers can be a real lifesaver.
WHY USE A SECURE PASSWORD MANAGER?
A password manager is a software application that helps you generate, store, and manage your passwords—all in one central location. Not only does this make it easier for you to keep track of all your different passwords, but password managers allow you to create stronger passwords since you’re not limited by what you can remember.
Additionally, most password managers come with a host of other helpful features, such as multi-factor authentication (MFA), login auto-fill, and secure password sharing, which can all further improve your online experience and security. While there are many great password managers to choose from, we recommend LastPass for both personal and business use.
WHAT’S THE BEST WAY TO ENSURE YOUR PASSWORDS ARE NEVER COMPROMISED?
Remove them altogether.
Passwords are inherently insecure, and even the strongest ones are simply strengthening an already weak equation. The best way forward is a login experience without password authentication at all.
Whizkids delivers a seamless passwordless experience, utilizing device registration and an ecosystem of partners to fit every passwordless use case. The result is a completely password-free login experience that works on any device across all browsers, desktop applications, and native mobile applications.
Implementing a passwordless environment is a key component of Whizkids’ cybersecurity IDaaS product. To benefit from full online protection through a single point of control, contact us today to get started. And for more tips on how to stay safe online, check out our complete guide to Cybersecurity Awareness Month.