Make your password more secure: A weak password could cause problems. Here’s what you can do to safeguard your many accounts. Your online security depends on a secure password, and you need a different one for each of your social media accounts, bank accounts, streaming services, and apps.
But because there are so many accounts to manage, it’s tempting (and surprisingly simple) to develop the poor habit of using the same login information across the board.
Weak passwords might have major repercussions like identity theft if your data is stolen. The number of reported data breaches in 2017 broke previous records, not to mention the T-Mobile incident in 2021 that resulted in the exposure of the personal data of more than 50 million users.
For the majority of us, identity protection in a post-password era is not yet available. Try these best practises to reduce the chance that your data will be compromised in the meantime.
Continue reading to discover one key technique to make your logins even more safe, how to establish and manage the finest passwords, and how to be warned if they are compromised. Here are three outdated password conventions that are foolish nowadays.
Ways to Make Your Password More Secure
- You can write your login credentials down
- Use a password manager to keep track of your passwords
- Find out if your passwords have been stolen
- Avoid common words and character combinations in your password
- Longer passwords are better
- Don’t recycle your passwords, seriously
- Avoid using passwords known to be stolen
- No need to periodically reset your password
- Use two-factor authentication
You can write your login credentials down
This advice contradicts everything we have been told about how to stay safe online. But not everyone needs a password manager, and some of the most respected security organisations, like the Electronic Frontier Foundation, advise maintaining your login information on a physical piece of paper or in a notebook as a workable solution.
And we’re not talking about a Word file or a Google spreadsheet here; we’re talking about actual, old-fashioned paper, since if someone gets access to your computer or your online accounts, they can also have access to that electronic password file.
Of course, it’s still possible for someone to break into your home and take the keys to your entire existence, but that scenario seems less plausible. We advise keeping this piece of paper out of sight and in a secure location, such as a locked desk drawer or cabinet, whether it be at work or home.
Especially for your financial sites, keep the amount of people who know where your passwords are to a minimum.
If you travel frequently, physically carrying your passwords with you increases the possibility that your notebook will be lost.
Use a password manager to keep track of your passwords
Strong passwords comprise a variety of characters, numbers, and special symbols, are longer than eight characters, and are difficult to guess. The greatest ones can be challenging to recall, especially if you use a different login for each website (which is recommended). Password managers can help with this.
Strong, lengthy passwords can be generated and stored for you by a reputable password manager like 1Password or Bitwarden. Both your phone and PC can use them.
You will still need to memorise a single master password that unlocks all of your other passwords, which is the tiniest catch. Make that one as powerful as you can (and see below for more specific tips on that).
Password managers are included in some browsers, such as Google’s Chrome, although advises against using them because of security issues with the passwords they store.
Hackers naturally target password managers because they have a single master password. Password managers also have shortcomings. In 2019, LastPass patched a bug that might have allowed a customer’s credentials to be revealed. It must be said that the business did a commendable job of being open about the potential exploit and the actions it would take in the case of a hack.
Find out if your passwords have been stolen
It’s not always possible to prevent password leaks due to malicious hacking or data breaches. However, you can always look for signs that your accounts may have been compromised.
You may find out which of your email addresses and passwords have been exposed in a data breach using Google’s Password Checkup and Mozilla’s Firefox Monitor, so you can take appropriate action. You can find out if your emails and passwords have been compromised using Have I Been Pwned.
Avoid common words and character combinations in your password
Making a password that nobody else will know or be able to guess quickly is the objective. Avoid using terms like “my password,” frequent words like “password,” and well-known character combinations like “qwerty” or “the swift brown fox.”
Additionally, avoid using any information about yourself that someone could learn via social media, a meaningful conversation with a complete stranger on a plane or at a bar, such as your name, nickname, pet’s name, birthday or anniversary, your street name, or anything else.
Longer passwords are better
When generating a strong password, 8 characters is a fine place to start, but longer logins are preferable. A passphrase made up of three or four random words is recommended by the Electronic Frontier Foundation and security expert Brian Krebs, among many others, for increased protection.
However, a longer passphrase made up of unrelated terms can be challenging to remember, which is why you ought to think about utilising a password manager.
Don’t recycle your passwords, seriously
It’s important to emphasise again how bad of an idea it is to reuse passwords across many accounts. If your password for one account is discovered to have been reused, that person has access to all of your other accounts as well.
The same holds true for changing a root password that is altered by prefixing or suffixing. PasswordOne and PasswordTwo are two examples (these are both bad for multiple reasons).
By using a different password for each account, you may prevent hackers from using one account’s hack to gain access to all the others.
Avoid using passwords known to be stolen
Hackers can easily break into an account using automated login attempts known as credential stuffing that employ passwords that have been previously stolen or otherwise exposed. Visit Have I Been Pwned and type in the password you’re considering using to see if it has already been compromised.
No need to periodically reset your password
It used to be common practise to change passwords every 60 or 90 days because it was believed that was how long it took to crack a password.
Microsoft, however, now advises against changing your passwords on a regular basis unless you have reason to believe they have been compromised. The cause? Due to the requirement that we change our passwords every few months, many of us developed undesirable habits such as choosing passwords that were simple to remember or writing them down on sticky notes and sticking them to our monitors.
Use two-factor authentication
Two-factor authentication, also known as two-step verification or 2FA, is a security measure that requires you to enter a second piece of information that you alone have (typically a one-time code) before the app or service logs you in. This prevents thieves from accessing your account even if they do manage to steal your password.
In this way, even if a hacker finds your passwords, they won’t be able to access your account without your trusted device (like your phone) and the verification code that proves it’s truly you.
While receiving these codes through text message or phone call to your landline or mobile device is popular and convenient, it’s easy enough for a hacker to gain your phone number through SIM swap fraud and then intercept your verification code.
Using an authentication programme like Authy, Google Authenticator, or Microsoft Authenticator to generate and acquire verification codes yourself is a more safer alternative. Once everything is set up, you have the option of registering your browser or device so you won’t have to continually validating it every time you login in.
Your best defence when it comes to password security is to be proactive. This includes being aware of the presence of your email and passwords on the dark web.
- How to Fix Compromised Passwords on Your Device
- How to Lock Chrome Profile with a Password
- How To Reset Forgotten Password In Windows 10 and Windows 11
With so many accounts to keep track of, it’s easy to fall into the bad habit of using the same login details everywhere. To maintain track of your logins and make sure you don’t reuse passwords that have been reported as stolen, utilise a password manager. Use Mozilla’s Firefox Monitor and Google‘s Password Checkup to see if your email addresses and passwords have been compromised in a data breach. Brian Krebs, among many others, suggests a passphrase made up of three or four random phrases for greater security.
How can passwords be made more secure?
Create passwords that are unique and do not contain any personal information, such as your name or birthdate. If you are the subject of a password hack, the hacker will use all the information they have on you to try and guess your password.
What is the most secure password method?
- An English uppercase character (A-Z)
- An English lowercase character (a-z)
- A number (0-9) and/or symbol (such as !, #, or %)
- Ten or more characters total.