Your password is the modern-day key to all of your information and most people are treating them like keys left under the doormat.
Without proper diligence, strong passwords and regular changes you are leaving your personal information, systems and important gateways like internet banking and government portals open to intrusion.
Think it won’t happen to you?
Here is why your password is not safe in one number – 100 billion.
That is how many have been stolen and stored in the dark web according to The Australian Cyber Security Centre (ACSC). So, passwords are being pinched every day across the globe and plenty of those victims probably thought theirs was safe as well.
The most common mistakes we are all making
Now we are not saying most people are not trying. The average person is savvy enough not to use their own name as their password or leave everything set at. But there are a few common mistakes that we do make and the hackers know it. Always avoid:
Using the same password for everything: Most of us are guilty of repeating our passwords across … everything. Don’t. Get hacked once and they will have access to … everything.
Changing passwords by changing a single character: No this is not clever. You might as well use the word “password”.
Using personal information: Look, we get it. It is much easier to remember your passwords this way. But hackers are going to use your personal information as their first tool to try and crack your password so STOP IT.
Sharing your password: Don’t share your password, not with your partner, not with your mother, not with your family dog, not with that friendly chatbot that messaged you through Facebook.
How to generate a strong password
First of all, a password is not a set and forget process.
You should be changing everyone you have on a regular basis, preferably every 30 days but once every 90 days at a minimum.
Now, this is going to mean that you have lots of different passwords with hard-to-remember numbers, letters and characters that change every month or so.
So it is strongly advised you download a password manager like Dashlane, LastPass or Keeper to automatically populate your passwords. If your device is stolen, you can use these password managers to disable access remotely.
And when you are creating your password here are the tips you should follow:
Have at least 12 characters: Short passwords are far more easily cracked by tools used by hackers
Include lots of variety: Numbers, symbols, characters, lower-case letters, capital letters – mix up the lot.
Ensure that it doesn’t make sense: Don’t use actual, readable words. And no, swapping a letter for a number is not a secure way of getting around this.
Go completely random: If you are using a manager, you don’t need to remember your password. So just hammer at that keyboard for true randomness
And please, PLEASE don’t use a generator sitting freely on the internet. Who do you think put it there?