Advice on passwords
I know it is a pain to have so many passwords on so many sites. Different complexity requirements for passwords, passwords expiring and you have to change it, and even different usernames! You just want to get to something or get something done! It can be easier, and you only need to remember one password if you use a vault. Keep reading!
- Using the same password on more than one site (or all of your sites).
- I’m not expecting you to memorize a million passwords! Help below!
- This is one of the truly big and often mistakes made. You must have read or seen a news story by now about password breaches. It happens all of the time. The sad truth is that as much protections that are in place, someone will either make a mistake, or a vulnerability will be found on one provider or another. Your first line of defense is that if your password becomes part of a public breach, you do not have that same password ANYWHERE else. It is guaranteed that any compromised password, will be attempted EVERYWHERE possible once it is on a list.
- Using any sort of identifying information in your password.
- You are just making it easier for someone to guess your password by using keywords in your life. Do not use your name, your pet’s name, or anything like that just because it is easier for you to remember.
- The old eight character password can be cracked for $125 out of a hackers pocket. That means ANY password eight characters long including numbers, letters, and even symbols.
- All a hacker needs to do is rent $125 of super computer power from cloud providers to hack by brute force.
- Using a password manager
- There are many of them out there, read up on comparisons if you like. LastPass, OnePassword, Roboform, any many others.
My recommendation from personal use is LASTPASS. A team member once showed me this application about 5 years ago and it has been my go to since.
It is free! You should start using it immediately. There are paid options for some premium features, but your own password vault is free and a vital thing to have today. I pay for the FAMILIES version so that I can share password content, just like I do in a business environment, but yes you can have your own password vault for free!
Not only can you track ALL of your passwords under one roof, you can also generate passwords at random for new places/sites/programs. You can securely keep track of any notes you want in there as well.
If you have a spouse, you can setup emergency access in many ways. You can grant immediate access to someone you trust, or provide a way for them to request access with a delayed ability up to 30 days. This waiting period gives you the option to decline the request of access if needed.
But my password is secure!
We would all like to think that we came up with the best password possible. Something really secure cause it has special little characters in it. Or only something you would know. Here is a cool little website that tests your password strength.
Not as secure as you thought I bet! Now the LASTPASS password vault only needs one password to keep it locked up. So you should create something long and test some with this website for a rough idea of really how secure it is. A sentence goes a long way!
2FA (Two factor) Login
Finally there is the two-factor. Two Factor is the additional protection of requiring a mobile device, or code generator of some sort that you will need as a second form of identification when you logon. I highly recommend you enlist in 2FA (Two Factor) whenever and wherever it is available.
You may think that this is unnecessary, or even just have disdain against an additional step to logon to something. A lot of sites are already requiring this secondary form of security and it should not be optional. However if it is optional, I highly recommend you enable it everywhere you can! Banks, Facebook, whatever it is you access. This is your identity and your life, PROTECT IT!
You may not truly be aware of the absolute ease of access being provided by your bank for example. Accessing your account and transferring money has been made super simple with the invention of smart phones. With all that power, comes great responsibility! Oops, stayed into the Marvel comics a bit, who cannot these days. But the truth is, even if you just write checks manually, your banks have provided means to access your account online. Take a look at the bigger picture here and realize that ONLINE means anywhere, anytime.
Want to see something mind blowing? Here is a REAL-TIME map of cyber attacks. This is when a malicious system is attacking another and tracked by just one protection provider.
If watching this for a few minutes, does not strike some awe and a little bit of panic in you, well I’m at a loss to convince you how hard it is to stay safe. Your home/castle may be nestled in security an comfort, but you really need to be aware that all of your online accounts are an extension of your home and it is under attack all of the time.
Be safe! Start with a password vault!