How to Create a Strong Password - Step-by-step Guide
A secure password and updated recovery info help protect your Google Account. Your password should be hard to guess and shouldn't contain personal information like your birth date or phone number.
October 04, 2023 06:08
In today's digital age, we cannot overemphasize the importance of creating a robust password. A robust password safeguards our sensitive information from unauthorized access, cyber-attacks, and potential data breaches.
Here's a detailed, step-by-step guide to ensuring you craft a password that stands the test of time.
10 Strong Password Best Practices to Follow
1. Understand the Characteristics of a Strong Password
Length: We recommend a password of at least 12-16 characters. This length makes it harder for attackers to decipher your password using brute force attacks.
Complexity: Mix uppercase and lowercase letters, numbers, and special symbols. This combination results in billions of permutations, making it challenging to crack.
Avoid Dictionary Words: Stay clear of using common words or phrases. Hackers often employ dictionary attacks, trying every word in the dictionary.
No Personal Information: It's tempting to use birthdays, anniversaries, or your child's name. However, this information can be easily found, especially with the prevalence of social media.
2. Use a Passphrase
Instead of just using a word, we suggest using a memorable passphrase. This could be a line from your favorite song, a quote from a book, or any other sequence of words. Then, for added security, replace some of the letters with numbers or symbols. For example, "ILoveSunsets!" could become "1L0v3$un$3t$!".
3. Employ a Password Manager
Considering the numerous online platforms we access daily, remembering multiple strong passwords might seem daunting. That's where password managers come in. These tools securely store and autofill your passwords, allowing you to maintain unique, strong passwords for every site without the stress of remembering them all.
4. Two-factor Authentication (2FA)
Even with a robust password, we always advise activating two-factor authentication where available. This extra layer requires a secondary piece of information to access your account, typically a code sent to your mobile device.
5. Regularly Update Your Passwords
We advocate for periodic password changes. If a service you use has been breached, an immediate password change can prevent unauthorized access. Set reminders to change your passwords every 3-6 months.
6. Check Password Strength
Use online tools like password strength meters to gauge the robustness of your password. While these tools aren't foolproof, they offer a good starting point in understanding areas of improvement.
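A minimal strength check built from the criteria in section 1 (length, character mix, dictionary words, personal information), as an added example that is not part of the original guide. The word list, the substitution table, the function names and the sample passwords are all constructed for illustration.

```python
import math
import string

# Constructed sample list; a real checker loads a large dictionary and a
# breached-password list instead.
COMMON_WORDS = {"password", "sunshine", "sunset", "dragon", "welcome", "qwerty"}
# Common substitutions, undone before matching ("p@ssw0rd" -> "password").
LEET = str.maketrans("013457$@!", "oieastsai")
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def classes_used(password):
    """Character classes (lower, upper, digit, symbol) present in the password."""
    return [c for c in CLASSES if any(ch in c for ch in password)]


def search_space_bits(password):
    """log2 of the brute-force search space: length * log2(alphabet size).

    This is an upper bound that only holds for randomly chosen characters.
    """
    alphabet = sum(len(c) for c in classes_used(password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0


def check_password(password, personal_info=()):
    """Return the list of rules from section 1 that the password breaks."""
    findings = []
    if len(password) < 12:
        findings.append("too_short")
    if len(classes_used(password)) < 4:
        findings.append("missing_classes")
    lowered = password.lower()
    variants = (lowered, lowered.translate(LEET))
    if any(word in v for word in COMMON_WORDS for v in variants):
        findings.append("dictionary_word")
    tokens = [t.lower() for t in personal_info if len(t) >= 3]
    if any(t in v for t in tokens for v in variants):
        findings.append("personal_info")
    return findings


if __name__ == "__main__":
    # Constructed test inputs, not real credentials.
    for pw, info in [("Sunshine1", ()), ("R3x!Toronto1987", ("Rex", "1987")),
                     ("vT9#qLw2!zRk8@pD", ())]:
        print(pw, round(search_space_bits(pw), 1), check_password(pw, info))
```

Run on the passphrase example from section 2, the check reports dictionary_word, because the substitutions are undone before matching. Choosing words that are not in common word lists avoids that finding.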
7. Avoid Using the Same Password Across Multiple Sites
If one site is compromised and you've used the same password across different platforms, all your accounts are at risk. Ensure each account has a unique password.
8. Be Wary of Phishing Attacks
A strong password can't protect you if you willingly give it away. Be cautious of unsolicited emails asking for personal information or guiding you to suspicious-looking sites.
9. Educate and Update
Stay updated with the latest cybersecurity threats. Understanding the methods attackers employ can better prepare you to counteract them. We also recommend educating family members, especially the younger and older generations, about the importance of strong passwords.
10. Recovery Options
Ensure you've set up account recovery options. This could be an alternative email or a mobile number. It aids in swiftly recovering your account in the unfortunate event of a hack.
Information You Should Never Include in Your Passwords
When updating and creating new passwords, please do not include the following information:
1. Your pet’s name.
2. Your birthday or that of family members.
3. Any words related to your hobby, job, or interests.
4. Part of your home address, including city/town, street, house/apartment number, or country.
5. Your name or the name of a family member.
Cyber criminals research their victims online, looking for clues that can help them guess passwords. They will use anything they learn about you, where you live, your interests, and your family to guess your password strategically.
If any of your passwords use any information linked to you personally, please take a few minutes to update your passwords following our strong password best practices.
How To Keep Your Social Media Password Protected and Secure
Many websites, applications, and tools now allow you to log in using your Facebook, Twitter, Instagram, or other social media account. This adds convenience to the average web user since you do not need to create a new username and password. However, using this feature makes you vulnerable to social network data breaches.
Once a cyber criminal has your Facebook account credentials, they can access any other websites, applications, or tools that you have logged into with Facebook.
Five tips to keep your social network passwords protected and secure
1. Do not reuse passwords and change them frequently. Even though you have created a strong password, don’t reuse it across multiple social networks, websites, and applications.
2. Use a password management tool to store your passwords. If your IT/support team has provided you with one, make full use of it to store personal and professional passwords. Some of the most popular password managers are Dashlane, Keeper, and LastPass. Do not store your passwords in a file on your computer or smartphone.
3. Use two-factor authentication. If a cyber criminal does guess your social network username and password, two-factor authentication forces the criminal to provide a secure PIN to log in. You will receive a notification of the login attempt, alerting you that your password has been hacked. If you receive this notification email or text, refuse access, and change your password and username immediately.
4. Do not log in to accounts or websites with your Facebook or social network credentials. If your Facebook credentials are compromised, the hacker can now access any applications and websites using your password.
5. Pay attention to friend requests, chat messages, and new followers or friends. Be wary of Facebook friend requests from people you’re already friends with on Facebook, and of Instagram followers with zero posts.
Cyber criminals may hack your friend’s account, send you a friend request, and then start collecting information about you that can be used to hack your accounts. If your social network account is hacked, be public about it, and post something like, “Alert, my account has been hacked. Do not respond to friend requests, direct messages, or chats from my account.”
Above all else, be suspicious and cautious. Do not trust emails asking you to reset your password. No company will ever send you an unprompted password reset or account validation email. If you’re in doubt about a friend request or chat message, ignore it and contact your friend over email or text to alert them to the suspicious request.
In conclusion, as our lives become increasingly intertwined with the digital realm, the significance of strong password practices grows exponentially. Protecting our digital presence is as vital as safeguarding our physical entities. By following this comprehensive guide, you equip yourself with the tools and knowledge to ensure your online security remains uncompromised.