dearJulius.com

9 Rules for Strong Passwords

9 Rules for Strong Passwords
© Dan Nelson / Unsplash

By Clifford Colby & Sharon Profis, CNET

The key to your online security is to have strong passwords, but the challenge is to create distinct passwords that you can actually remember -- or else you may fall into the bad habit of using the same login credentials for multiple accounts. According to LogMeIn, the company behind the LastPass password manager, you could very easily have 85 passwords for all your accounts once you count all of your social media, streaming, bank accounts and apps.

If your data is compromised, weak passwords can have serious consequences, like identity theft. Companies reported a staggering 5,183 data breaches in 2019 that exposed personal information such as home addresses and login credentials that could easily be used to steal your identify or commit fraud. And that pales in comparison with the more than 555 million stolen passwords that hackers on the dark web have published since 2017.

The identity protection of a post-password world isn't here for most of us. So in the meantime, try these best practices that can help minimize the risk of your data being exposed. Read on to learn how to create and manage the best passwords, how to be alerted if they're breached, and one crucial tip to make your logins even more secure.



Use a password manager to keep track of your passwords

Strong passwords are longer than eight characters, are hard to guess and contain a variety of characters, numbers and special symbols. The best ones can be difficult to remember, especially if you're using a distinct login for every site (which is recommended). This is where password managers come in.

A trusted password manager such as 1Password or LastPass can create and store strong, lengthy passwords for you. They work across your desktop and phone.

The tiny caveat is that you'll still have to memorize a single master password that unlocks all your other passwords. So make that one as strong as it can be (and see below for more specific tips on that).

Browsers like Google's Chrome and Mozilla's Firefox also come with password managers, but our sister site TechRepublic has concerns about how browsers secure the passwords they store and recommends using a dedicated app instead.

Password managers with their single master passwords are, of course, obvious targets for hackers. And password managers aren't perfect. LastPass fixed a flaw last September that could have exposed a customer's credentials. To its credit, the company was transparent about the potential exploit and the steps it would take in the event of a hack.



Yes, you can write your login credentials down. Really

We know: This recommendation goes against everything we've been told about protecting ourselves online. But password managers aren't for everyone, and some leading security experts, like the Electronic Frontier Foundation, suggest that keeping your login information on a physical sheet of paper or in a notebook is a viable way to track your credentials.

And we're talking about real, old-fashioned paper, not an electronic document like a Word file or a Google spreadsheet, because if someone gains access to your computer or online accounts, they can also gain access to that electronic password file.

Of course, someone could also break into your house and walk off with the passkeys to your entire life, but that seems less likely. At work or at home, we recommend keeping this sheet of paper in a safe place -- like a locked desk drawer or cabinet -- and out of eyesight. Limit the number of people who know where your passwords are, especially to your financial sites.

If you travel often, physically carrying your passwords with you introduces greater risk if you misplace your notebook.



Find out if your passwords have been stolen

You can't always stop your passwords from leaking out, either through a data breach or a malicious hack. But you can check at any time for hints that your accounts might be compromised.

Mozilla's Firefox Monitor and Google's Password Checkup can show you which of your email addresses and passwords have been compromised in a data breach so you can take action. Have I Been Pwned can also show you if your emails and passwords have been exposed.



Avoid common words and character combinations in your password

The goal is to create a password that someone else won't know or be able to easily guess. Stay away from common words like "password," phrases like "mypassword" and predictable character sequences like "qwerty" or "thequickbrownfox."

Also avoid using your name, nickname, the name of your pet, your birthday or anniversary, your street name or anything associated with you that someone could find out from social media, or from a heartfelt talk with a stranger on an airplane or at the bar.



Longer passwords are better: 8 characters is a starting point

8 characters are a great place to start when creating a strong password, but longer logins are better. The Electronic Frontier Foundation and security expert Brian Kerbs, among many others, advise using a passphrase made up of three or four random words for added security. A longer passphrase composed of unconnected words can be difficult to remember, however, which is why you should consider using a password manager.



Don't recycle your passwords

It's worth repeating that reusing passwords across different accounts is a terrible idea. If someone uncovers your reused password for one account, they have the key to every other account you use that password for.

The same goes for modifying a root password that changes with the addition of a prefix or suffix. For example, PasswordOne, PasswordTwo (these are both bad for multiple reasons).

By picking a unique password for each account, hackers that crack into one account can't use it to get access to all the rest.



Avoid using passwords known to be stolen

Hackers can effortlessly use previously stolen or otherwise exposed passwords in automated login attempts called credential stuffing to break into an account. If you want to check if a password you're considering using has already been exposed in a hack, go to Have I Been Pwned and enter the password.



No need to periodically reset your password

For years, changing your passwords every 60 or 90 days was a long-accepted practice, because, the thinking went, that was how long it took to crack a password.

But Microsoft now recommends that unless you suspect your passwords have been exposed, you don't need to periodically change them. The reason? Many of us, by being forced to change our passwords every few months, would fall into bad habits of creating easy-to-remember passwords or writing them on sticky notes and putting them on our monitors.



Use two-factor authentication (2FA) … but try to avoid text message codes

If thieves do steal your password, you can still keep them from gaining access to your account with two-factor authentication (also called two-step verification or 2FA), a security safeguard that requires you enter a second piece of information that only you have (usually a one-time code) before the app or service logs you in.

This way, even if a hacker does uncover your passwords, without your trusted device (like your phone) and the verification code that confirms it's really you, they won't be able to access your account.

While it's common and convenient to receive these codes in a text message to your mobile phone or in a call to your landline phone, it's simple enough for a hacker to steal your phone number through SIM swap fraud and then intercept your verification code.

A much safer way to receive verification codes is for you to generate and fetch them yourself using an authentication app like Authy, Google Authenticator or Microsoft Authenticator. And once you're set up, you can choose to register your device or browser so you don't need to keep verifying it each time you sign in.

See more at CNET

|Featured Content_$type=three$c=3$l=0$m=0$s=hide$rm=0


A Part of Julius LLC
Made with in NYC by Julius Choudhury
Name

AI,6,Amazon Prime,1,Android,31,Apple,44,Apps,35,Browsers,3,Camera,18,Chrome,2,Computing,17,Electronics,11,Electronics and Gadgets,12,Email,2,Entertainment,3,Facebook,3,Featured,13,Features,110,Fintech,1,Firefox,1,Gadgets,90,Games,123,Google,51,Industry,5,Instagram,4,Internet,30,iOS,2,iPad,9,iPhone,53,Laptops,19,Mac,1,Messenger,1,Metaverse,1,Microsoft,8,Mobile,24,News,1,Operating Systems,3,Portable Media,14,Printer,2,Security,30,Smartphone,90,Snapchat,2,Social Media,59,Spotify,1,Tech Advice,12,Tech Education,8,Tech Hacks,41,Tech Updates,3,Tutorials,56,TV,2,Twitter,4,Virtual Reality,1,VPN,2,Web & Social,17,WhatsApp,2,Wi-Fi,7,Windows,3,YouTube,7,
ltr
item
Tech Hacks | Tips, Tricks and How-Tos: 9 Rules for Strong Passwords
9 Rules for Strong Passwords
The security of your bank account, Netflix account and email inbox depends on how well you safeguard your many passwords.
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWKbhw1gtS55-gNPXdV7CFaeQ2kiAm1GaYieZzExgU-CsqGB3a1O_tC92AmLLZSkcD8m2DXtdUURn8kWdKUjE2NfPiPK5aA3GijxJlywe-OdaYfN2-QaLHPDfVkzZ1j_MzTua-y76YzMwe/s16000/books.dearjulius.com.jpg
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWKbhw1gtS55-gNPXdV7CFaeQ2kiAm1GaYieZzExgU-CsqGB3a1O_tC92AmLLZSkcD8m2DXtdUURn8kWdKUjE2NfPiPK5aA3GijxJlywe-OdaYfN2-QaLHPDfVkzZ1j_MzTua-y76YzMwe/s72-c/books.dearjulius.com.jpg
Tech Hacks | Tips, Tricks and How-Tos
https://tech.dearjulius.com/2020/11/9-rules-for-strong-passwords.html
https://tech.dearjulius.com/
https://tech.dearjulius.com/
https://tech.dearjulius.com/2020/11/9-rules-for-strong-passwords.html
true
5526239608669527925
UTF-8
Loaded All Posts Not found any posts VIEW ALL Read More Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share to a social network STEP 2: Click the link on your social network Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy Table of Content