Password Best Practices That Work!
Nobody wants to share a toothbrush, no matter who the person is. We all know that for obvious hygienic reasons, not sharing toothbrushes will help to keep us safe from bacterial infection. We also do not share other personal stuff for all the right reasons.
We simply want privacy, protection, and personal space. It’s something we human beings normally want naturally.
That should also be the case for how you want to treat your passwords. Passwords can not take care of your dental hygiene, but they can buy you excellent dental service if you use them properly to protect your bank accounts.
Why Should I Protect My Passwords?
Why should you want to protect your house from burglars? Maybe ask why you want to protect your kids from harm? Or simply think about why would never want to see your house burn to the ground. Protection is a thing especially if we own something important.
Passwords act as a key to many of your essential online accounts, like:
- Bank Accounts
- Social Media Accounts
- Any accounts that hold monetary value or information.
The information you have in these accounts is valuable and needs to be protected. Keep in mind, money is not the only thing that can be stolen; your identity can be stolen as well. Then the criminal may commit fraud online using your stolen identity. It’s not pleasant to think about, but your identity may be stolen because of a simple, careless act of ignoring password best practices.
Best Practices For Securing Your Passwords
Below is a list of the best practices to help you have a better experience when creating and keeping passwords. Keep in mind that not all of the suggestions here may work for you but definitely each of them is worth trying out.
1. Use Different Passwords For Different Accounts
Using the same password for multiple accounts is a serious security risk. It only takes one account to be breached by a hacker, and unfortunately, many times all they have to do is guess. Then using that password it is easy for them to gain access to your other accounts. That could mean a lot of damage.
Now, you may be thinking that it would be challenging to create many, different passwords, and you may be right. However, what do you prefer, a known list of secure passwords or an empty bank account?
So you should create password variations in the event that one of your accounts gets hacked, the others will remain secure. This is an important password best practice.
2. Make Your Passwords Hard To Guess
Don’t write passwords that are easy to guess, like your first name, your business name, or your family name. Using a password that reflects commonly known, personal information about you is a disaster waiting to happen.
So how do I make my passwords hard to guess?
3. Make Long Passwords
Create long passwords. The longer the password you create, the harder it is to crack by hackers that are attempting to steal your login details. The goal is to make your accounts more secure.
Avoid Using Your Birthday As A Password
Did you know that thousands upon thousands of users are using their birthdays for their passwords? This is a major mistake.
It’s simple, logical sense that you should not be using your birthday as your password. The date of your birthday is one of the first things hackers will try when breaking into your account. Unfortunately, it’s a mistake that many commits.
4. Don’t Use Common Words From Dictionaries
Using words found in the dictionary is another means that hackers can exploit. In fact, there are online, password-cracking tools that come with a dictionary list that will try thousands of common words, and even names and passwords.
To help ensure your password security, don’t use common words. For your protection, add this suggestion to your list of password best practices.
Combine letters, numbers and special characters
To make your passwords even more secure, it is a good practice to combine words with numbers. Making passwords long and complex with a mixture of numbers and letters is a great way to increase the level of security for your passwords and your accounts.
In addition to using numbers and letters, adding special characters like a percent sign, a hyphen, an exclamation point, or any symbol on the keyboard will also increase the security of your passwords.
Using Password Generators
If you hate the idea of trying to think up passwords that are long, secure, and sophisticated, then let a password generator take care of it for you. I understand that you have a million other things to think about let alone manage your passwords.
Here is a free password generator you can try; or you can google one for yourself. The benefits of using a password generator are apparent. It saves you the time and the hassle of having to go through your own password creation process.
A password generator is an easy tool that you should add to your list of password best practices. It saves you time and effort. It saves you the headache of making a long list of passwords so you could bother yourself trying to locate the write one for you.
Password generators make thinking easier and a lot more streamlined. So, try one now and it will save you a lot of thinking effort just to think about generating your unique password.
5. Manage Your Passwords
Many people have multiple, online accounts and they want to simplify things by using the same password for all of them. Wrong idea. Each account should have its own unique password AND its a good idea to have a password manager that keeps track of them. Using password managing software is another one of those password best practices idea.
What’s a password managing software? Is it really that useful for me?
As the name implies, a password manager stores and manages passwords for you. Think of it like another person doing the managing stuff for you. Freeing you from the hassle of trying to supervise or manage all of your accounts. Google has one, and it’s free.
If you want a paid version of a password manager, you have the option to do so. Paid versions offer more functionality and features that free version simply do not have.
Here are some examples of password managing software you can try. Remember, each of them offers a different approach so it’s best if you take everything with a grain of salt.
Dashlane offers both a free version and a premium version. The free version is capable of managing up to 50 accounts in a single device. It also provides a multi-factor authentication feature and automatically fills in passwords for you.
- Last Pass
This software stores data using AES-256 bit encryption with PBKDF2 SHA-256 and salted hashes to make sure your passwords are secure.
If that sounded too complicated, it merely means you can trust this software. It lets you store credit card details and delivery addresses so you can automatically fill in forms online when you need them.
- Keeper Password Manager
Keeper Password Manager is a pay-only software, so there is no free version that would allow you to do a test run.
Its advantage is that it is one of the most sophisticated pieces of software on the market when it comes to managing passwords.
You can run the program through your mobile device both on iOs and Android. It also has an extension for all major browsers like firefox, chrome, and safari. It supports different operating systems, like Windows, Mac, and Linux.
Remember, if it’s too much to manually keep of your passwords, then automate, employing a password manager as a part of your password best practices.
6. Enable Two Factor Authentication Feature
Surprisingly, even if you make your password long, complicated, and secure, there is still a chance of it being hacked. A two-factor authentication feature is something you should seriously think about using.
When you log in to your account using this feature, you are required to prove your identity in two steps. First, you enter the password for the account. Once you have successfully entered the correct password, a code that is required for login will be sent to your cellphone or email.
It’s an extra effort on your part, but it’s also an extra layer of protection for the special data you own in the digital domain.
7. Never Share or Reveal Your Password
Your login credentials are as necessary and important as your bank account information. Keep them private and NEVER casually share or reveal them.
If you own a website and you need to offer access to a developer or a virtual assistant, then it’s best if you create an account for them instead of sharing the same account.
Regardless of whatever account you have, for security reasons, it’s best not to share your login credentials, let alone your password. Make this a priority.
In addition, there are things to consider further the notion of why you should not share or reveal your password to anyone.
- It is your responsibility for any activity being done under your account. Remember, it is still your responsibility if someone is using your account and are doing malicious activities under your name. There is no denying that.
- If you own a business and you have people or employees who are expecting their monthly salary from you, then it is best to ensure that your information is safe to also safeguard the interest of your employees. The information of each employee also is your responsibility to keep private.
- Not only should you avoid sharing passwords but you should also log off your computer once you are done using it. Do not make the mistake of leaving it open for anyone to take a look at your account thinking that it’s safe within your house or your company.
8. Use A Master Password
If you are using the password manager that Firefox offers, be sure to create a master password in order to access it.
Otherwise, anyone who has physical access to your computer can see your saved passwords and related credentials. All they need to do is open your browser and check. Viola!
9. Don’t save your passwords in plain sight
If you are using a text file to save your passwords, don’t let it sit on your computer in plain view. Keep it hidden and possibly password protected.
Another good practice for writing passwords is to open an Excel spreadsheet. In one column write the source you are password protecting in one column and in another column write a clue to what that password is. In doing so, you don’t have to write the password itself in plain view.
10. Avoid Periodic Changes
Over the years, there is a certain security practice being forced upon users to tell them that it’s for their own safety – changing your password every 90 to 180 days.
While this idea surely creates a notion of safety and protection for users, it also creates unexpected problems.
- You keep thinking of new passwords while you are busy with other stuff. Generating a secure password is time-consuming especially if you are one of those people who never use a password generating software.
- People tend to reuse old passwords which creates a gap or a breach to the overall security of the user. Once you reuse old passwords it opens to the possibility of being hacked. Who can blame people if reuse old passwords? Trying to change passwords every three months is actually a lot of work.
- You are now forced to write down passwords since you constantly update them. It’s no wonder if you find yourself scratching your head trying to log into your account and finding yourself that you can’t – because you used an old password.
Website Offer Recover Features
In case you forget your login credentials, most websites offer a recovery feature for you to access or reset them. It’s pretty standard practice for all websites to have this feature. Your email, your social media accounts and practically any website that offers membership or subscriptions have such features built into their system.
This is a precaution for these website owners too, in case their subscribers forget their passwords, they comforted by the notion of being able to recover or even change it.
This is the least recommended scenario for you to go through since you will have to create new passwords and login details again from the start.
The suggestions we have made in this list of password best practices are geared towards one goal–keeping your essential files and credentials as safe as possible.
Just imagine what it would be like if you had saved your money for years only have it be stolen by hackers because your password was too easy to guess or to crack. Don’t let it happen.
Going back to the questions in the introduction of this article, have you find yourself the answers to all the “why?”
We truly want you to have the best security possible.
Do you have any tips and ideas about how to keep your passwords safe? Let us know.
Please comment below.