How to Create Secure Passwords and Protect Them
When Not to Reduce, Reuse, and Recycle
When was the last time you changed your online passwords? Odds are that you’ve been using one or more of them for too long, and they may be easy for determined hackers to crack. Lazy password habits can be risky, but they’re also common and, frankly, understandable. With so much work, play, and commerce taking place online, it’s not unusual to have dozens (or even hundreds) of passwords and logins.
Managing passwords can feel like a chore, but before you decide it’s too much trouble to change them, consider the alarming frequency of large-scale corporate data breaches that expose private user data. Even if you’ve figured out how to keep your personal information secure, your passwords might be stolen from the places you visit online. The best ways to manage multiple passwords require a little effort, but stepping up your password game could save you time and money in the future.
Never reduce.
Creating short passwords may make them easier to remember, but it also makes them simpler to crack. Longer passwords increase the number of variables, and lengthy, randomly generated passwords can improve your online security by being virtually uncrackable.
Worried you might forget a long password? Relax—password managers are available to encrypt and administer all your passwords under the protection of one strong master password, so you don’t have to remember everything. If you need help, the most secure online password managers often provide practical advice on how to create and protect a strong password, and some will even do it for you.
Never reuse.
As tempting as it may be to use the same simple password for everything, it can be extremely risky. Obviously, anyone who discovers your password will have access to any account that’s protected by it, whether there are 10 or 100. The bank account you access with that password may have unbeatable security standards, but your favorite restaurant rewards club might be more easily hackable. If you’re using the same password for everything, one weak website hack is all it takes to make your entire online life vulnerable.
Now, about those password managers… Although they’re usually accessed by a single master password, it’s a calculated risk worth taking. It’s still critical to create and remember a strong password to protect your password manager account, but if you can do that, they allow you to easily and securely maintain as many complex passwords as you need. Enabling two-factor authentication can quickly make things even more secure.
Never recycle.
Recycling things like bottles, cans, and paper is great, but recycling passwords is a no-no. When you change a password, create something drastically different from the old one. A password like footballer1 suggests that updated passwords might be footballer2, footballer3, etc., and the whole point of changing passwords is to make them impossible to guess.
Instead of recycling an outgoing password by applying a small change, start using entire phrases you can easily remember until it’s time to change again. A longer password like EaglesWontheSuperBowl2018 is easy to remember, and weighing in at 25 characters, it’s also difficult to crack. For the next one, go in an entirely different (but memorable) direction, such as 4scoreandSevenyearsago.
ALWAYS protect your passwords.
Whether you rely on an encrypted password manager or you scribble login details in a notebook, the most important thing you can do is make sure you’re the only person with access to your information. Put real thought into your passwords when you create them, keep them secret and secure, and change them more often that you probably want to, especially after confirmed security breaches. Your online accounts will thank you.