Your first line of defense against hackers is your password. If you’re using “Password1” it’s time to make some changes.
The threat from hackers is prevalent now more than ever with data breaches from major corporations and government entities making headlines yearly. It’s important to go over some of the basics of protecting your data.
Create a strong password
- A strong password is 12-16 characters long and includes numbers, symbols, upper and lower case letters, but not next to each other.
- Use the letters from a phrase. Instead of using “Ilovemydog1” create a phrase by using the first letter of each word. “iLm1dS” or “I love my first dog Spike” is stronger than “Ilovemydog1.”
- Refrain from using pop culture topics in your password. Passwords such as “StarWars” or “ChicagoCubsWillWin” are common and can easily be broken.
- Don’t use your password anywhere else. The more you reuse the password, the easier it will be for others to get information.
“The world is succumbing to more convenience not more security,” said Ori Eisen a board member of Cyber Security Canyon – Arizona’s Cyber Security Coalition.
It may seem like you’re sacrificing convenience for strength but with today’s technology it is has become easier to manage passwords for multiple sites. Instead of reusing your password, use a password manager.
Password managers
A password manager is an application available for smartphones, tablets and computers that stores and organizes passwords. Password managers encrypt your passwords and require the user to have a master password. The master password has to be very strong and is usually generated by the password manager. Once the master password is inputted, all the other passwords can be used to log into sites. It’s convenient and safe for the user. Some popular password managers are:
“If malware is already on your phone and you use your fingerprint to access information online, nothing prevents someone from using the stored fingerprint a week later,” said Eisen.
Eisen suggests that people change their passwords once a month. If a site is hacked (think Yahoo!, Target, etc.) it won’t affect the user because the hacker will have the old password that no longer works.
Change your password
The time frame in which you should change your password is debated amongst professionals. Most workplaces require that you change your password every 30 to 90 days, which is a great rule of thumb to follow if you change your password correctly every time.
- Changing your password from “MyComputer1” to “MyComputer2” is not going to ensure that your information stays safe. Instead change it to “tImWP4” (this is my workplace 4.)
- Continue to use the same methods listed above to create a strong password.
- For those that have an incredibly strong password, consider changing it less often.
Creating, managing and changing your password is great way to make sure your information stays safe and in addition to those techniques, two step authentication should be used whenever possible.
Two step authentication
Two step authentications is an additional layer of security that uses two or more devices to ensure a secure connection. For example, a user logs into a bank account from an unknown computer. The user will be prompted to enter a password and answer a question or input a code on another device such as a smart phone that the user has associated with the account. If everything is entered correctly, the account will be unlocked and the user can proceed as normal. If the information is not entered correctly, the account owner will be notified and all accounts will be locked. Many sites are already using two step authentication and there are many trusted apps that you can choose from such as:
- Google Authenticator for Android or iOS
- Trusona
- Duo
What else can be done to keep your information safe?
“I keep complex passwords, make sure the website I’m on is a legit one and not a redirect from a bad link. I also make sure that anytime I do send sensitive information it’s encrypted. That will mean the website has a https:// instead of just http://, but most browsers warn you nowadays,” said Stephen Emerson a Mesa resident who enjoys working on computers. “I think everything should be encrypted. I’d encrypt my eyelids if it weren’t so impractical.”
But not everyone feels the same way about passwords.
“It honestly depends on what the password is protecting, who it belongs to and a wide variety of things. If something is that important and someone needs to know about it and they don’t have access to the password, they’ll find a way, probably. But a regular person with regular things to keep password protected will probably be fine with a standard password setup,” said Rang Ly a Flagstaff resident.
Hackers and thieves have many ways of trying to steal your information and it’s happening to people around the world. The best way to keep your information safe is to strengthen your first line of defense: your password.