Let’s go through some super quick tips about passwords.
Passwords are the primary lock on the door to your online accounts. Sometimes they’re the only lock (they shouldn’t be, but more on that a little further down.) If they’re compromised or bypassed, crooks could obtain access into our digital worlds, and so it’s important to follow some simple tips to make sure the chances of that happening are as small as they can be.
The biggest myth (probably) about passwords and online security. I don’t have anything to hide. Crooks won’t be interested in me or my accounts.
That is categorically false. Even if you live the most mundane, ordinary and scandal-free life (or at least you think you do) you’re still a person with a credit score, a bank account (presumably) and an online identity. And your online accounts will still contain personal information about you, even if it’s just a small amount.
That information can be collected, accumulated, stored and later used to either commit identity theft or to launch targeted (convincing) scams against you.
Yes, unfortunately, this means you need to take passwords as seriously as everyone else. We’re sorry about that.
Sponsored Content. Continued below...
We won’t dwell on this too much here because we know you’ve heard it all before. Don’t pick a dictionary word. User both lowercase and uppercase, as well as numbers and at least one symbol if you’re allowed. Don’t pick your date of birth, and for goodness sake, don’t use something like 123456.
You know the drill. There’s really no excuse now.
You’ve probably heard this before as well. And it’s still important. If one password becomes compromised, you don’t want this affecting multiple online accounts. Crooks are acutely aware that people still reuse passwords, and they’ll use credential stuffing attacks (attacks where they take valid username/password combos from one site and see if they also work on other sites) to gain access to accounts.
Even if you’re super careful about keeping your passwords safe, it could be the company you have an account with that lets slip and gives up your username and password in a data breach. Sadly, large scale breaches like this happen all the time, resulting in passwords getting leaked online. And the first thing crooks do with those leaked passwords? See if the work for other websites.
Reusing passwords is a bad idea.
Sponsored Content. Continued below...
Both are vulnerable to eavesdropping. Shared devices could harbour keyloggers that records every keystroke and send them to crooks. HTTP webpages are not secure, meaning someone could intercept the data sent from an HTTP page. Always look out for HTTPS instead (usually denoted with a padlock symbol by the web address.)
Whatever term you use, two factor authentication, two step authentication, multi factor authentication, they all have one thing in common. They add an extra layer of security to your account.
Think of 2FA like an extra deadbolt lock on the top and bottom of your door. Even if the crook has found the key for the main lock, they still can’t get inside. 2FA means a password is not enough to get into your account. Most online accounts support 2FA. It can mean getting a SMS code texted to you, or reading off a code produced by an app on your phone, when it’s time it login to your account.
Enabling 2FA is one of the most single important things you can do to protect an online account. We have about it here.
Password managers have skyrocketed in popularity. After all, strong passwords that are different with each online account can be hard to maintain. We’ve always recommended LastPass as our go-to password manager. The premium version (that includes tech support and multi-device syncing) is around $3 a month.
Some advantages to good password managers include –
– Automatically generates strong passwords
– You only need to remember a single master password
– Can autofill password fields in the same way a browser can
– Passwords will always be unique
– Easy to change your passwords
– Can support multiple devices so you can sync login information on more than one device.