Your digital identity and access begin with your login information: a username and a password. You know to use strong, unique passwords and to change them often because of the risk of cyber security threats and hacking. You’ve been told repeatedly not to reuse your passwords, to make them unrecognizable and therefore less guessable, not to store or save your login information on websites and apps, and not to share them.
Most people don’t follow these guidelines. And security breaches are on the rise.
That means you're more vulnerable: your personal, sensitive information and identities are available to hackers who shouldn’t have access and who are willing and eager to use or sell that information.
You can reduce that risk and your exposure by taking the simple step of improving your passwords.
What is a password?
A password is the second component of your login information that authenticates your identity as a digital user. The combination of a username and password is unique to you and you alone. It provides added security for your information and access, much like a PIN serves as an added layer of protection for your debit card.
As such, your password is valuable and considered part of your digital identity – the key to access the resources you have and use online.
Password best practices
A password is only helpful if it can’t be guessed or accessed by others. As simple as that sounds, it’s a basic tenet that few users follow. There have been countless stories of significant cyber breaches where the password used was Password1234 or Admin1234. Basic, default, easy-to-remember, often-used passwords are typically the first try of anyone attempting to access an account they don’t have the right to see.
The best practices for better, safer passwords are straightforward
Remembering passwords is paramount to a seamless, convenient online experience. Remembering passwords can be tricky, so you may be inclined to reuse one password for several accounts. That ease of access puts you at risk. Is the convenience worth trading your passport number or health information and details for? What about your bank account access?
Use strong passwords
Passwords are a series of characters, numbers, letters, and symbols. Skip using the obvious ones or ones easily associated with you (meaning, easily guessable). Don’t use birthdates or anniversaries, pet names, or recognizable famous words. Strong passwords shouldn’t be easy to remember or imagine.
Change your password frequently
Regularly change your password. The longer you use a password, the more opportunities there are for it to be hacked. Frequently changing your password restarts the process for anyone trying to guess or hack it. Many companies and services require changing passwords at regular intervals, such as every three to six months, and even block you from reusing previous passwords.
Don’t reuse passwords
We are drawn to consistency, especially when it makes our lives easier. That’s why so many users repeat passwords or have a cycle of several that they use in combination or variation across most sites, apps, and services. Cybercriminals know this, which means they know that they likely can access other accounts if they can access one.
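How a service can enforce these rules when you pick a new password, shown as an added example that is not from the original article: it rejects the default passwords named above, passwords built from personal details, and reuse or close variations of earlier passwords. The minimum length, the blocklist, and the sample passwords and personal details are assumptions made for illustration.

```python
import hashlib, hmac, os, re

MIN_LENGTH = 12  # assumed threshold; the article does not state one
# Constructed sample blocklist; the first two are the defaults the article names.
COMMON = {"password1234", "admin1234", "password", "qwerty", "letmein"}

def _hash(password: str, salt: bytes) -> bytes:
    # Salted, slow hash: the history never holds plaintext passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def remember(password: str) -> tuple[bytes, bytes]:
    """Build the (salt, hash) record kept in a user's password history."""
    salt = os.urandom(16)
    return salt, _hash(password, salt)

def _variants(candidate: str) -> set[str]:
    """Nearby forms people cycle through; hashed and compared with history."""
    out = {candidate, candidate.lower(), candidate[:1].swapcase() + candidate[1:]}
    out.add(re.sub(r"[\d!@#$%^&*]+$", "", candidate))  # trailing digits/symbols removed
    m = re.search(r"(\d+)$", candidate)
    if m:  # counter bumped up or down: Kite7 <-> Kite8
        n, width = int(m.group(1)), len(m.group(1))
        for k in (n - 1, n + 1):
            if k >= 0:
                out.add(candidate[:m.start()] + str(k).zfill(width))
    return out

def check(candidate: str, personal: list[str], history: list) -> list[str]:
    """Return the reasons to reject candidate; an empty list means accept."""
    reasons, low = [], candidate.lower()
    if len(candidate) < MIN_LENGTH:
        reasons.append("too short")
    if low in COMMON:
        reasons.append("common or default password")
    if any(len(t) >= 3 and t.lower() in low for t in personal):
        reasons.append("contains personal information")
    for salt, digest in history:
        if any(hmac.compare_digest(_hash(v, salt), digest) for v in _variants(candidate)):
            reasons.append("reuses or varies a previous password")
            break
    return reasons

if __name__ == "__main__":
    history = [remember("Maple-Harbor-Kite7")]  # constructed sample password
    for pw in ("Password1234", "Maple-Harbor-Kite8", "vT9#qLm2$Zx7pW"):
        print(pw, "->", check(pw, ["Rex", "1990"], history) or "accepted")
```

Because the history holds only salted hashes, a variation can be caught only by hashing likely variants of the new password and comparing them with each stored record.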
Don’t store your passwords in unencrypted locations
Sites and browsers are always “offering” to store or save your login information. It’s certainly more manageable, especially when using strong, unique passwords across multiple entities, but it increases your vulnerability. Storing all your passwords through a browser puts them at risk because if your account gets hacked, hackers have access to all your passwords by accessing one. Browser features are convenience-based, not security-driven.
No sticky notes, notebooks, or Excel files
You try to follow suitable password hygiene protocols, using strong, unique, random characters, but then keep them all on notes on your desk, taped to your monitor, or in an unsecured note file or spreadsheet on your computer. Don’t do that.