Happy World Password Day! What’s that, you ask? Well, are you someone who uses the same password to log in to your bank account as well as other online profiles? When was the last time that you updated or changed those passwords? Considering that “during the next five years, cybercrime might become the greatest threat to every person, place and thing in the world,” you might want to take a moment to actually take some action on your online accounts and profiles.
So, what is the whole idea behind World Password Day? It is pretty simple actually: if we all took a few very simple steps to increase our own online security, the internet could become a safer place for everyone. Here are a few things that you can do to improve your password health and online security.
- A good place to start is this website: Have I Been Pwned (HIBP), “a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or ‘pwned’ in a data breach.” Simply enter the email address(es) that you use online and it will tell you whether that address was included in a breach. Pretty slick if you ask me. If you happen to have been a part of a breach, I recommend that you reset the passwords for those accounts with STRONG passwords, if you haven’t already.
- Using STRONG PASSWORDS and updating them at least once a year is highly recommended. The longer the password, the more secure it is, but in some cases you are limited to a certain number and type of characters. Mixing uppercase and lowercase letters, numbers, and special characters while avoiding the use of personal information is recommended. Using your middle name or date of birth in your password isn’t always the best idea.
- Use Unique Passwords for each account. Believe it or not, this is one of the BIGGEST MISTAKES that people make. Using one password for all your accounts means that as soon as that password is compromised, whoever has it can get into all your other accounts too. Not cool!
- Layering up on your security with a form of Multi-Factor Authentication (MFA) can protect your account even if your password is compromised. Not familiar with MFA? Basically, it requires a password and an additional piece of information to log in. Most commonly used is Google Authenticator, where a random number is generated and needs to be entered while logging in. Another form of MFA sends a text message with a code to your device after you enter your password, and that code needs to be entered too.
- Consider using a Password Manager, such as LastPass. Ditch the notepad, spreadsheet, and all of the post-its and let a reputable password manager store them all. Use one strong main password to secure all your login information in one easy-to-access application. I personally have been using LastPass Premium, but there are a number of other password managers out there, including 1Password and Zoho Vault.
- Change your passwords at least once a year. “Best Practice” is changing your passwords every 30 to 40 days, but that also seems to lend itself to people falling back into old habits of writing them down. Realistically, changing your password once a year is plenty in combination with MFA and a strong password.
Take control of your online security by updating your passwords once a year with strong passwords, throwing away the post-its and notepads with written passwords, and starting to use a password manager.