We all have them. Some we safeguard better than others. Passwords: the literal keys to online security. Protect yourself and your accounts by following CyberCat's advice.
5 Tips for Secure Passwords
Make it strong
Do not make is easy for a cyberattacker to crack your code.
First of all, don't tell anyone your password. Keep it secret.
Don't write them down in a notebook labelled "Passwords" or on a Post-it you put on your monitor or under your keyboard.
Don't include anything personal, like your name, address, phone number, birthday, pet's name, anyone in your family's name, address, SIN, etc. in your password.
As well, think twice before sharing those personal details in one of those silly online quizzes. You're giving away potential clues to your passwords and security questions.
Make it long
The longer your password, the stronger it is. Pretty simple, right? Short passwords get cracked quickly by brute force and dictionary attacks using words and commonly chosen passwords. What's a good length, you ask? Well, that's complicated, and can vary depending on what's at stake behind that account. Just make it as long as you want -- 12-20 is a good range.
Make it unique
Every account you have should have a unique password. That can be (read: will be) a lot, but if one of your accounts is compromised, your other accounts are still safe. The next tip helps with this.
Use a password manager
It's not until you commit yourself to having a unique password for every account that you truly realise how many accounts you have. It seems like everything these days requires you create an account.
Make it super easy on yourself by getting a password manager. There are plenty out there, but CyberCat's favourite is LastPass. It's free and has a secure browser extension that you can use to help fill in your passwords or create new ones. You won't regret it.
Two factors are better than one
When two-factor or multi-factor authentication is available, use it. 2FA or MFA requires you not only need your password but something like a biometric (e.g. fingerprint) or code sent to your phone. It may seem a slight inconvenience, but it is the strongest authentication method you can use.
Password vs. Passphrase
Passphrases are passwords that are just bunch of random words or a sentence, including spaces and punctuation -- they're typically a little easier to remember too. In order to be secure, whether you use a password or passphrase, they still need to be long, strong and unique.
CyberCat's Favourite Sites
Have I Been Pwned? If you do one thing today, go to this website and enter your email address to see if it's been compromised in one of the hundreds of data breaches they've indexed. If you have, don't get scared, just change the password for that account and every other account you used that email-password combination immediately.
Test a Password by Kaspersky Labs is a fun way to see how length matters. Enter a password (not a real one) to learn how long it would take a brute force attack to crack it.
CyberCat is your guide through the world of cybersecurity. She knows it can be intimidating out there, so that's why it's her mission to educate you about using technology responsibly. She brings you semi-regular information so you can be proactive about protecting yourself. Don't want to miss an issue?