There was a time when you only really saw hackers in movies, and often they were the good guys. Sometimes you’d even get a montage of a hacker typing away while a driving, synth-heavy pop tune played. But today hackers are a major, persistent threat, and your passwords are your first line of defense against intrusions.
Make Your Passwords Complex
The days of using Fox Mulder’s X-Files password “trustno1” for everything are long gone. It’s still one of the most-used passwords, and even a novice hacker would be able to crack it with little trouble (possibly just by guessing it). Other extremely common passwords include “password,” “abc123,” “monkey” and “password1.”
The time has come for your passwords to be long, nonsensical strings of letters (upper and lowercase), digits, and special characters.
How Secure Is My Password? is on online tool you can use to compare different types of passwords (I’d still recommend against entering your actual passwords into the site, just because). Type a password into the box and the site will tell you how long it would take a computer script to hack it. Compare these screenshots from the site for these passwords:
Going longer than 16 characters can push that number of years into the octillions, nonillions and decillions, but one trillion years is probably plenty. Keep in mind that the website above is sponsored by Dashlane, a password manager program (I’ll get to those shortly).
Don’t Reuse Passwords
Don’t use the same password for multiple websites or apps. Hackers who gain access to one username and password combination will attempt to use that same combination on other sites, especially financial accounts and sites where additional personal information might be obtained. If your login information for some discussion board you haven’t used for months is compromised, and you’ve used that same username/password combination for all your online banking activities, the hackers probably aren’t as interested in posing as you on the message board as they are in trying your credentials out on a few of the larger bank or credit card websites.
Don’t Let Passwords Get Stale
You also need to change your passwords every so often – twice a year is a good start. Data breaches have happened recently (the Cloudflare bug earlier this year, for example) that exposed millions of users’ information. It’s a good practice to regularly create new passwords for all the sites you use (and even the ones you don’t use as often).
Use a Password Manager
Use long, complicated passwords, use a different one for every site, change them all the time – okay, but how are you supposed to remember them?
A password manager is a program (usually a browser plug-in for desktop and laptop computers, or an app for tablets and phones) that stores your passwords and can automatically fill in your login information on sites. Your passwords are kept safe with up-to-date encryption technology, and you only have to remember a single master password. These programs can also automatically generate strong passwords that will stump a brute-force attack.
There are a lot of different password managers to choose from, and many have both free and paid versions. Lastpass is one of the most popular, and the Premium version is only $12 per year. Dashlane is highly-rated, but at $40 the price is a little steeper. PCMag has two articles that give a nice rundown of the best ones, both free and premium, and their features: