List of content you will read in this article:
The main line of defence between your data and the rest of the internet is the secure and robust password. All your accounts, from email and social media to banking accounts, rely on the main barricade: a secure password.
Why use a STRONG password?
Having a secure password for your online accounts is the first step in securing your data. Having a secure password for all your online set-ups, including VPS servers, is crucial. If you have a weak password for the VPS hosting where your website sits, then your whole business is vulnerable to a cyber-attack.
With all the technologies available, a simple password you are using might be crackable in seconds. Look at this link to check how fast your current password can be cracked. A good password would contain a mixture of letters (uppercase and lowercase) and numbers combined with symbols.
In summary, a good password stands between you and your precious data.
What is a strong password?
A strong password must be unique just for you, similar to your fingerprint. Let us go through the most common ways how to generate secure passwords for your online accounts and online systems:
1. Include letters, numbers and symbols
When creating safe passwords, pay attention to the details of the password. In all the passwords that you will make, include:
- Symbols (@#$%&*)
- Numbers (12345)
- Lowercase letters (abcd)
- Uppercase numbers (ABCD)
If you would like to automate this process, there are free password generators on the internet. We would recommend using a password generator to create your secure password.
2. Make it long
Almost till the end of 2019, the minimum password length was eight characters. However, this is no longer the case. With all the high-powered systems, cracking an eight-character long password is comparatively easier than cracking a 16-character long password.
We recommend having at least 16 characters in your passwords, or even more.
Note that in some cases, you are obliged to use a password less than 16 characters long or, depending on the system/account you create, it will have its own set of password length parameters.
3. Stay away from the obvious.
Here are the top 10 most common passwords that are being used all over the internet. It would be best if you avoided them at all costs:
Never use sequential numbers or letters on your password. Never include your personal information when you create passwords, like your name, date of birth, ID number etc. If a hacker targets you specifically, they will use all the information they have on you to crack your accounts.
Focus on creating something unique.
4. Avoid common substitutions
Password crackers are on top of all the substitutions that can happen for common words. You can use the word MARSHAL or MAR5HA1 and still end up being cracked using a brute force attack. A brute force attack is when the attacker tests multiple passwords repeatedly until one will work.
The best practice today is random character placement which is more effective than the common substitutions.
5. Avoid using words as passwords.
Try not to create a password with a word when creating a strong password. Any word you can find in a dictionary can be cracked using a dictionary attack. This attack is specifically made to run all the words in existence and check which one will work to access your account.
A dictionary attack can guess your password in a matter of minutes.
6. Don’t include any personal information.
When creating the password, don’t include any personal information, including:
- Names of your family members
- Mane of your pets
- House numbers
- Phone numbers
- ID card numbers
- Social security numbers etc.
7. Don’t use the same password over multiple accounts.
We know it’s difficult to remember complicated passwords for each different account you are using over the internet. However, don’t reuse any password or the same security question and answer over multiple accounts.
This is because if one account falls prey to an attacker, the other accounts are likely to follow in its wake. In this way, you will not only lose data from one account but from all the subsequent accounts as well.
Also, don’t use two or more similar passwords where most characters are the same. For example, externalHarddrivefacebook and externalHarddriveinstagram are not recommended. If one is stolen, it means both these accounts are stolen.
8. Do not use other systems to log in to sensitive accounts.
If you have to access a vital account like your bank account, try to avoid using someone else’s system or when connected over a public WIFI, free VPS or the TOR network.
9. Don’t send sensitive information.
Try to avoid sending sensitive information over an unencrypted internet connection. Unencrypted connections are HTTP and FTP protocols. Always try to check if the connection is secure using the protocols like HTTPS, SFTP and IPsec. If not, the data can be sniffed out very quickly.
10. Store your passwords securely
With all the online accounts in existence, it’s impossible to remember all the complicated passwords (at least I can’t). Therefore try to remember a few master passwords and store the other passwords in plain text files. Now you should encrypt this file with 7-zip, disk encryption or any disk encryption software.
This way, all your passwords are safe, and you don’t need to worry about remembering them. We also recommend backing up your passwords in different locations. This way, if you lose access to your laptop, you can easily retrieve the passwords.
If this is too much of a hassle, you can always opt into using a password manager. You can save all your passwords inside the password manager and can be accessed using the master password. The passwords are kept secure and encrypted.
11. Use 2FA at all times.
Whenever possible, we recommend using two-factor authentication (2FA). This is the second layer of security for all your accounts. Two-factor authentication works in a way that once you enter the password, it will request another confirmation from you. There are multiple ways in which two-factor authentication works.
It can be an email confirmation or an authenticator application like Google Authenticator, which requires you to submit a verification code from your phone. 2FA is not available for all accounts, but if there is a possibility to activate it, we recommend doing it.
Strong passwords are essential in your business (also personal life) and a safety measure for all your accounts. Additionally, here are some final tips on good internet habits:
- Use a VPN when using public WIFI
- Never text or email your passwords
- Make sure your software is up to date
Security breaches happen all the time, and the best way to keep yourself and the people you care about safe is by sharing the information with them. Keep yourself safe and your close ones safe by sharing this article with them.
People also read: