When you think of password security, what comes to mind? For me, it is what can I do to keep my password safe. However, it is more than that. A password is an untold word or phrase used to gain access to a computer system, services, or a place. One would say, and I quote, "Treat your password like your toothbrush. Don't let anyone else use it, and get a new one every six months".
Five easy steps to keep your password secure:
A Strong Password
You can start by making your password strong. A strong password usually consists of 10 or more characters and includes upper and lower case letters, numbers, and symbols. The password's complexity increases the amount of time it takes for a brute force attacker to guess your password.
Keep Clear of Personal Info.
It is much easier for one to remember their password if it is personal. What is personal information: your favourite pet, people's names, birthdates, and even a wedding anniversary, to name a few. We live in this technological age, where we use social media to socialize. It is effortlessly easy to gain access to this information, hence why it is not a recommendation.
Stay Away From Complete Words
Another way of making it hard for attackers to guess your passwords through brute force or even dictionary attacks, avoid using names or full words in your passwords. Rather than using a word, you might consider using a phrase for your password to make it a strong password. Just remember to mix it up using the principles of a strong password.
Double the Strength
To increase your password strength, you can start enabling two-factor authentication for your accounts. This way, sites can further ensure that the person trying to access your account is you.
Have I been pwned?
In case you are wondering if you have gotten hacked or if your password has been stolen. In other words, was I pwned? Troy Hunt, a security expert, has made it relatively easy for us to check if we are a victim of data breaches. He created one of the oldest, best-known sites called Have I Been Pwned.
All you have to do is go to the site, where you'll see a simple search bar, you can enter your email address (safely), and the site will check it against multiple data breach records. In return, the site will inform you if the information entered has been seen in a data breach.
What should I do if my account has been pwned?
Suppose your email address got included in a data breach. In that case, it would be the best move to change your login password for your email address and the service affected by the breach. However, if you are reusing passwords (which is a bad practice), you also want to change that password on ALL those other services.
Ideally, it would be best if you never used the same passwords across multiple websites. It can be hard to remember multiple logins, but it is safer not to repeat your passwords.
If you are having trouble implementing these recommendations, consider using a password manager. Password managers are great for creating and storing complex passwords.
Guest Author: Sherika Richards