Password security is once again in the news. With the recent worldwide “WannaCry” ransomware attack – where information inside computers is held hostage until the hackers are paid – passwords theft is on the rise.
There are many ways to secure your digital property. Online services, operating systems and browsers all store passwords, and “two-factor authentication” is becoming more popular. Two-factor authentication, or 2FA, requires a username, password, and some other means of identification, such as a mobile phone number or verification code, to gain access to an account.
So what’s the best password and how should you guard your passwords and online accounts?
At least 16 characters
An ideal password is at least 16 characters long. It contains at least one number, an uppercase letter, a lowercase letter, a symbol and a space if your service allows spaces.
Avoid personal names, popular locations, and foreign words. These are easy to guess and prone to dictionary-based attacks. Your password should be complex, hard to figure out, not be obvious, but also easy for you to remember. Try this technique. Think of a phrase first, then create a password. “I hope Guam has fewer storms this year than in 2016!” Your new password could be: ihGhfStyTi2016! Pick a favorite phrase and have some fun with it.
It is wise to have a unique password for each service. The same password for multiple services sets you up for trouble. Imagine a hacker gaining access to your email, figuring out which services you use on a daily basis, testing one of them with your email password and then hacking into the others using the same password.
With unique passwords you’ll slow down the hacker and give yourself some time to change the passwords and try to correct any damage done to your accounts.
For a simple way to remember multiple (maybe dozens) of passwords that are ideally random, use a password manger. These services – LastPass, Dashlane and 1Password, for example – create passwords for you, securely store them and fill in the password box on the browser when you sign into the service. All you have to remember is the main password for the password manager service.
Besides passwords, another increasingly popular method to secure online accounts is two-factor authentication.