How many passwords do you have?
A typical person in today’s society has more than 200 passwords to various websites, financial institutions, club memberships, credit cards, debit cards, and insurance companies. If you are like most people, you probably use the same password for more than one of these. VERY BAD IDEA.
What would happen to you if someone either learned or hacked your password? They would be able to access your financial information or be able to impersonate you via ID theft!
What do your passwords look like?
Every single password you have should be unique. No two passwords should be the same. DON'T DO IT!
What your passwords should look like.
Here are some good practices for creating your passwords. By using this technique, your passwords will be extremely hard to ‘crack’. (If you follow the Password Haystacks website for creating your passwords, you can bypass this bit of knowledge.)
- Minimum length of 16 characters or more
- At least 2 uppercase letters (A-Z)
- At least 2 lowercase letters (a-z)
- At least 2 numeric digits (0-9)
- At least 1 special character (!@#$%^&*)
Some websites only allow 6-character passwords – in this case, decrease the requirements for uppercase, lowercase or numeric digits to 1 (do this differently for each 6-character password you need – don't use the same pattern each time!). Always have at least 1 special character in your passwords for high security.
New information on best practices for passwords
New information on passwords: length is better than complexity. A longer password is much harder to crack than a very complex one like those described above. Create a personal formula (don't tell anyone!) to create a long password that will be unique to every website you visit. Example: color:animal:number:website - BlueHorse47Bank. Be sure to read more about this at Password Haystacks.
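To see the length-versus-complexity trade-off in numbers, the following added example (not from the original page or from Password Haystacks) checks a password against the complexity rules listed above and computes its brute-force search space. The function names are hypothetical, the 33-symbol count is an assumption for printable ASCII symbols including space, and every password except BlueHorse47Bank is constructed for illustration.

```python
import string

PAGE_SPECIALS = "!@#$%^&*"  # special characters listed on the page
SYMBOL_COUNT = 33           # assumption: printable ASCII symbols, space included


def failed_rules(pw):
    """Return the page's complexity rules that pw does not meet."""
    checks = [
        ("at least 16 characters", len(pw) >= 16),
        ("2 uppercase letters", sum(c in string.ascii_uppercase for c in pw) >= 2),
        ("2 lowercase letters", sum(c in string.ascii_lowercase for c in pw) >= 2),
        ("2 digits", sum(c in string.digits for c in pw) >= 2),
        ("1 special character", any(c in PAGE_SPECIALS for c in pw)),
    ]
    return [name for name, ok in checks if not ok]


def alphabet_size(pw):
    """Size of the character set an exhaustive search must cover for pw."""
    size = 0
    if any(c in string.ascii_lowercase for c in pw):
        size += 26
    if any(c in string.ascii_uppercase for c in pw):
        size += 26
    if any(c in string.digits for c in pw):
        size += 10
    if any(c not in string.ascii_letters + string.digits for c in pw):
        size += SYMBOL_COUNT
    return size


def search_space(pw):
    """Candidates tried by a brute-force search of every length up to len(pw).

    Brute-force model only: guessing by dictionary words is not modelled,
    so a password built from common words is weaker than this number says.
    """
    a = alphabet_size(pw)
    return sum(a ** k for k in range(1, len(pw) + 1))


if __name__ == "__main__":
    # Constructed samples, plus the formula example from the page.
    for pw in ("aB3$xY7!", "BlueHorse47Bank", "Tr33House!Blue42"):
        print(f"{pw!r}: alphabet={alphabet_size(pw)} "
              f"search_space={search_space(pw):.2e} fails={failed_rules(pw)}")
```
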
How do you keep track of your passwords?
These types of passwords may be hard to remember – especially if you have a lot of them. Writing the passwords down on a sticky note and sticking it to the monitor is not a good idea. Putting them in a drawer near your computer is just as bad. If you just have to keep a paper copy of your important passwords, print them up and delete the file from your computer, put the printout in an envelope and seal it. Then place the envelope in a secure location that you will remember.
Here are some programs that can help you keep your passwords organized and safe.
- LastPass - ($, recommended)
- RoboForm - ($, recommended)
- RoboForm2Go - ($, portable on USB flash drive, recommended)
New ideas to replace passwords coming!
Today, there are some new ideas for replacing the current standard password system. Just think, no more unique passwords for every site you visit – you either use a fingerprint, iris scan, or facial scan to log in to secure websites or use a single login that creates a unique login for every website you visit!
Two current ideas for the latter are GRC's open source SQRL and an industry-backed FIDO standard. My money is on SQRL as it does not require any information to be stored on a website company's servers, so there is no information that can be hacked like we have seen over the past few years (notably the break-ins at Target, Home Depot and Sony, as well as the financial companies JP Morgan Chase, Citigroup, ETrade, PayPal and TD Ameritrade, to name a few).
Do your part and ask your favorite websites to start supporting SQRL or FIDO so that we can all be safer online.