Let me have a quick show of hands; how many of you have the same password for all your online accounts? That’s too many! One of the easiest practices to put into place to protect yourself from identity theft is to implement a password overhaul plan. We shop, bank, pay bills, communicate, share photos, update our status, network, and conduct business online.
Every one of these actions (shop, bank, etc.) represents one or more websites we utilize on a regular basis. Each website is a doorway or entry point into our lives, our personal information, and potentially our money. If one of those doorways is breached by someone who knows what they’re doing, how many more could they get through before we found out about it?
To keep that from happening, it’s important to have a password protection plan you implement now. After all, how many sites have been in the news for being hacked in the last month? Here are 5 changes you can put into practice to better protect yourself.
Multiple Passwords: Do not use the same password for all your online websites and accounts. None of them should be the same one as your email password. The best practice is to have a different password for each website / account you access.
Change Regularly: If you’ve worked in a large company, you’ve been required to change your password regularly. This typically happens at least every 90 days. Do the same thing with your personal passwords. Change them every 90 days, such as on the first of each quarter. If you’ve never changed your passwords, do this at least twice a year, such as fall back / spring forward, Christmas and the 4th of July, start of the school year and spring break, etc. Change is good, especially with passwords!
Don’t Be Obvious: Some of the most obvious passwords people use that provide little or no protection are simple words like “password,” numeric sequences (12345 or 54321), names (spouse, significant other, a child’s name, a family member, and pets), dates (anniversary, birthday, etc.), name of your hometown (or where you were born), sports team, and favorite holiday. Pick anything other than one of these and you will be ahead of most people. If your password is super easy to remember then it’s easily hacked.
This also goes for the answers to the security questions we’re asked. Go view a random person’s Facebook or LinkedIn profile. Chances are, within a few minutes, you’ll know where they work, where they went to college (maybe even high school), pet names, names of kids, and there may even be a picture of them at the game of their favorite sports team.
Substitute random answers for these questions such as the name of some obscure Star Wars character, author’s name, the 5th member of the Fab Four (yes there was one!), or even the Latin name for a jellyfish (it’s Medusozoa). You get the idea.
Go Long: How many characters does each site you log into allow you to have for a password? If it’s 8, take all 8 characters. If they give you more, make your passwords 10 characters long or longer. The longer your password is the harder it is for the average hacker to access your account. Passwords 14 characters long can take more than 24 hours to hack and even hackers enjoy easy pickings!
Special Characters: I was talking with a friend of mine who’s a CIO of a company in Dallas. The subject was passwords and systems security – it was an enlightening conversation. One of the things he does is take a word or multiple words and replace various letters with special characters. For instance, a $ can be used in place of an S, 3 can be an E, @ can be used in place of an A, etc. Using his methodology “Wise” could be recreated as “W1$3” (that’s not one of mine). Changing letters with special characters or interspersing special characters and numbers will provide you with stronger passwords.
An excellent practice that’s similar to using special characters is to mix upper and lower case letters in places where they don’t usually go. Instead of “Red_Robin”, go with something like r3Dr0B1N. Mix your cases, special characters, and numbers and you can come up with some pretty strong passwords!
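The five changes above can be turned into a self-check you run over your own account list. The script below is an added example, not part of the original post: the account entries, the pet name "Rex" and all names in the code are constructed, the 90-day and 10-character thresholds come from the post, and requiring at least three character types is an assumption.

```python
from datetime import date

# Obvious choices named in the post (a short constructed list, not a real wordlist).
OBVIOUS = {"password", "12345", "54321"}
MAX_AGE_DAYS = 90   # rotation interval from the post
MIN_LENGTH = 10     # "10 characters long or longer"
MIN_CLASSES = 3     # assumption: at least 3 of lower/upper/digit/special

def audit(accounts, personal_words, today):
    """Check (site, password, last_changed) entries against the five changes."""
    counts = {}
    for _, pw, _ in accounts:
        counts[pw] = counts.get(pw, 0) + 1
    guessable = OBVIOUS | {w.lower() for w in personal_words}
    report = {}
    for site, pw, changed in accounts:
        findings = []
        if counts[pw] > 1:                                   # Multiple Passwords
            findings.append("reused")
        if (today - changed).days > MAX_AGE_DAYS:            # Change Regularly
            findings.append("older than 90 days")
        if any(word in pw.lower() for word in guessable):    # Don't Be Obvious
            findings.append("obvious")
        if len(pw) < MIN_LENGTH:                             # Go Long
            findings.append("short")
        classes = [any(c.islower() for c in pw), any(c.isupper() for c in pw),
                   any(c.isdigit() for c in pw), any(not c.isalnum() for c in pw)]
        if sum(classes) < MIN_CLASSES:                       # Special Characters
            findings.append("few character types")
        report[site] = findings
    return report

# Constructed sample data: the pet name "Rex" stands in for personal details.
ACCOUNTS = [
    ("email",  "Rex2015",         date(2023, 1, 1)),
    ("bank",   "Rex2015",         date(2024, 5, 1)),
    ("shop",   "password",        date(2024, 5, 20)),
    ("photos", "tR4v3l_M@p$-19x", date(2024, 5, 25)),
]
REPORT = audit(ACCOUNTS, ["Rex"], date(2024, 6, 1))

if __name__ == "__main__":
    for site, findings in REPORT.items():
        print(f"{site:8} {', '.join(findings) or 'ok'}")
```

Run it only on a machine you trust, and do not leave the account list saved in a plain file afterwards.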
Now if you put these into practice, you could conceivably have 20, 30, or more passwords. Don’t write them down! That’s never a good practice. What you can do is take advantage of a password manager tool that helps track all your passwords. Options are available for PCs, Macs, iPhones, and Android phones. Some are free and others will cost a little, but they’ll remember your passwords for you, provide high-level security, and help you protect yourself from being an easy target.
What suggestions, comments, or questions do you have? Share them with me, along with your best practices, in the comments section of our blog, or on my Google+ and Facebook pages. I’d love to hear from you!