Here’s a hassle-free way to make all of your passwords secure.
We all know that we need strong passwords because hackers quickly crack passwords with computers that try hundreds of possible combinations in mere seconds. Many of us take shortcuts and don’t follow password best practices because managing complex passwords across all our accounts can be challenging.
There’s a better way. Use a password manager program to securely store your passwords. Many of these programs are free and will automatically generate secure passwords for you. By using one of these programs, you can select one strong but easy-to-remember password or passphrase that will unlock the rest of your passwords.
LastPass is a fast way to get started, taking just five to 10 minutes to set up. It will autofill your logins for the next time you sign into an account and will scan and purge passwords from your internet browsers and flag weak ones. Other features: It stores your passwords in an encrypted database in the cloud and offers two-factor authentication and biometrics if your device supports it. To get started, download it, then click the icon next to your browser’s address bar and go to “More Options,” then “Advanced” then “Import” to import passwords stored in your internet browser. Then you can clear your internet browser cache and history.
KeePass (which works best with Windows) stores the passwords on your local machine using secure encryption (meaning someone who stole the machine would not be able to access the information). This is a great option for someone who doesn’t want to use a cloud-based solution.
Here are some actions you can take to improve password security:
1. Go to haveibeenpwned.com to see if your passwords have been compromised and change them ASAP.
2. Don’t use any of these 55 common passwords compiled by LeakedSource.
3. Don’t use the same password for more than one site/account.
4. Ensure that every one of your passwords is “strong.” Use a passphrase if it is supported. A passphrase is an easy-to-remember collection of words that is long enough to be basically unhackable but easy for you to type in and remember. “My funny friend Julie is certainly a silly goose” would be an example. If you can’t use a passphrase, use all of the options below to make sure your password is strong:
Special characters, such as exclamation points, dashes, hashes, colons, semicolons or periods
At least 12 characters; this exponentially ups the time it would take a dedicated computer to hack it (as long as the password follows the best practices above)
Don’t use: real words (unless it is a nice long passphrase!) or a predictable formula, such as using a zero instead of an “o”
5. For any site that offers it, turn on two-factor authentication for your accounts, which gives you a code via your phone when you change your password.
6. Don’t have your internet browser remember and autofill passwords. “If your computer or the browser is ever compromised, the passwords go with it,” says Rishi Sood, Affinity Technology’s Vice President of Operations. That’s why we suggest using a program like KeePass or LastPass; the latter will safely autofill passwords for you.
7. Change your passwords every 30 to 90 days.
Extra Steps for Businesses
Implementing a smart password strategy that ensures all employees use strong passwords is part of the bigger security plan we provide at Affinity.
In addition to delivering IT support when something isn’t working properly, we provide strategic expertise. We know that there’s a lot that businesses don’t know about technology and security, and we do — and it’s our mission to use our knowledge to look out for our customers in the world of IT, technology, business continuity and security.
Not sure what your company’s password policies are? Reach out to us to discuss this important issue.
Prospective customers can call us for a free evaluation at 602-439-4989 or email us at firstname.lastname@example.org.