Password Practices

Passwords are an important part of securing your devices and online accounts, and hackers know this. Brute force password attacks are becoming more and more common as hackers get better at guessing your password. So let’s take a look at some practices that you can use to make yourself a difficult target.

When creating a password, long and complicated passwords are still your best bet. Make sure to use a combination of letters, numbers, and special characters. While all this can be a lot to remember, using passphrases instead of just a password can help simplify remembering long and complicated passwords. For example you could take the phrase “The Lion Sleeps Tonight” and turn it into a password such as, #tHeli0n5le3ps2N!ght.

Of course with all the different accounts we all have in today’s world, using a password manager can go a long way to keeping all of this in check. They can even generate passwords, so you won’t have to keep coming up with new passwords and you can setup your accounts so none of your passwords are the same. Two of my favorite passwords managers are Lastpass and KeePass. Lastpass is an online password manager than can sync across all your devices, and even fill in your information on your websites so you literally do not have to know what your passwords are. Of course a lot of people are reluctant to go this route as it is online and could be hacked. But they have had a good reputation and have several other security measures in place to prevent such a thing from happening. But if you want something more in your control and local, KeePass is the way to go. KeePass keeps all your passwords in an encrypted database on your computer, with no online access. However you still have to copy / paste passwords when going to websites. But using a password manager to keep your passwords different across your accounts is a good idea and prevents what I like to call “The Domino Effect” from happening. This happens if you use the same email and password across all your accounts, and let’s face it people like to do that to keep things simple. But if one of your accounts gets hacked, that means ALL your accounts are now hack-able.

A lot of services have also started using Two Factor Authentication, this means that in addition to knowing your username and password, you also have to have your cell phone to get a code in order to login to your accounts. This way if the hacker does have your username and password, they would still need your cell phone in order to gain access to your information. Google, Evernote, Dropbox, Lastpass, and many more have two factor authentication. And while it is an extra step, I think it is worth the protection, after all it is about making yourself a difficult target.