Remember the custodian in your elementary school and the big ring of keys he or she had dragging at the belt? Those keys allowed entry into every door on the school campus and none of them were labeled; you just had to know which one went in which lock.
Passwords have become our own big ring of keys, giving us access to all of our daily duties online. And, just like that big jangling collection of keys, passwords have for many of us become cumbersome and easy to misplace. And all it takes is one of those keys to end up in the wrong hands and you’ve got a security issue on your hands.
Yet, as many IT experts will tell you, for as clumsy and difficult as passwords are to remember and manage, they still are the foundation for internet security.
Like a lot of tools in life, passwords themselves aren’t necessarily the problem, it’s how internet users handle them that causes the real issues. Passwords that are too weak, too old or shared can’t perform their security function well, yet that is exactly the reality for many families.
Do any of these sound familiar?
- You use the name of your spouse, child or pet in security questions or as the password itself.
- You have trouble remembering passwords, so you make it as easy as possible to remember (abc123, anyone?) and you may even write it down, just in case.
- If you do manage to commit a password to memory, you never change it just to avoid having to come up with another one
- You have a favorite password that you use across multiple sites and/or devices.
All of these behaviors are easy picking for hackers and cybercriminals who have increasingly more sophisticated means for breaking into your account, especially with an easy or outdated password.
Fortunately, there is hope; all it takes is a little work and mental engagement to raise your password game. Experts suggest:
- Create strong passwords – a strong password should be at least 12 characters long (14 or more is better), that combines upper- and lowercase letter, numbers and symbols. Play around with spelling so that your password does not match what’s in the dictionary. And for heaven’s sake, stop using the names of loved ones!
- Come up with different passwords for different accounts/devices. We all do it, we all need to stop doing it because it’s making the crooks’ jobs too easy.
- Use multi-factor authentication. This technique combines a string password with a second step, such as a keycode or a message sent your phone to confirm you’re you.
- Don’t share your password. This is so basic it’s silly, but we still share our passwords at will for a whole host of reasons. Passwords are just like a surprise party, the more people you tell, the greater the chance someone spills the beans.