The internet has changed and simplified our lives in so many ways. You can buy almost anything you want and have it shipped to your door within hours, and stream nearly any news or entertainment right in front of you, all with only a few simple clicks. The internet is a world of its own and full of endless possibilities, but that comes at a price, and it can sometimes be unsafe. This is why online security is very important. Making sure that what is yours stays yours, and stays safe, starts with a strong password.
Sure, you can unlock your smartphone with your fingerprint and face these days, but the concept of a password will remain relevant for a very long time, so it’s best to make sure you’ve created a good one. You may think you have a pretty great method for creating a unique and secure password, and you certainly may. However, the tips below can help you understand exactly what to look for and how to be smart about creating a password.
Before we let you in on the “dos” when it comes to creating a password, you should first know the “don’ts”. While some of these may seem like no-brainers to you, they are here for a reason, and that’s because several people forgo the “musts” out of convenience. Whether the convenience is that their password is easier to remember or they think they are being clever, please avoid the following:
01. Don’t share your password
Hey, you know what’s a terrible idea? Sharing your password with others. Sure, you may have your friend’s Netflix login, but that’s your friend’s fault and if you were someone with more nefarious intentions, it would be another story. Moreover, with multiple people knowing a password, the chances of a misstep are that much higher.
02. Don’t use personal information
News Flash! Your personal information should stay personal, so be sure it stays out of your password. Sure, you can give your name out freely, but even a not-so-seasoned hacker could easily crack your password if it was simply your name, followed by a few numbers. (Blake123 = not secure.) Also avoid using birthdays, or the names of your family, friends, or pets. These are easy go-tos for cyber-pirates!
03. Don’t use the same password elsewhere
This will most certainly make some people cringe, whether they know it’s smart to do or not. The idea of having to create a unique password for each and every service you use online is not only daunting and intimidating, but it can also give you password anxiety. (How am I going to remember all these passwords?) If your password is cracked on one service, you can expect the perpetrator to try that password on other services you may have, to see if you use the same one there, so it’s imperative that you don’t. Just don’t.
04. Don’t make your password “password”
It pains me to have to even write this, but there’s a bad password epidemic out there, and some of the most common passwords are just terrible, and no, not clever. Take a look at the top 10 worst passwords of 2017 below:
Now that we’ve shown you a thing or two on what NOT to do, we’re going to show you some useful tips to consider when creating a strong password.
05. Make it long enough for security, but short enough for memory
The optimal password length is 8-12 characters and 8 has a tendency to be the minimum character count for many services. The rule of thumb here is that the longer the password is, the stronger it is. Said rule is also a bit of a double-edged sword, as a longer password may be more easily forgotten.
Hackers use algorithms to continuously test all possible combinations of a password until it’s cracked, so you can think of each character in your password as a wall they need to get through. Be sure to come up with something easy enough for you to remember but hard or almost impossible for others to guess. (AKA: Get weird with your passwords.)
06. CAPS, num3r5, & $pec|@l characters
You shouldn’t be too surprised to know that adding unique characters to your password can drastically strengthen its security. The algorithms that hackers use primarily attempt to try every word in the dictionary, so the inclusion of capital letters, numbers and special characters can help throw them off.
Your password should contain a combination of lowercase and uppercase letters, numbers, and special characters. Doing so can make it significantly harder to crack.
For example, according to a password checker, the password “ilovewix” could be cracked in as little as 35 minutes with a standard desktop PC. If you were to change the password to “Il0v3WiX” the length of time it would take to crack would be 25 days with a standard desktop PC. Of course, the latter password isn’t what we would call “secure,” but it should illustrate the importance that characters, numbers, and capitalization of letters can play in making your password more secure.
Fun fact: The password “EyeL0v3WIx43vEr!!” would take about 13 quintillion years to crack.
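The two crack-time figures above are consistent with a simple exhaustive-search model, shown here as an added example (not the password checker's own code). It assumes the checker counts every string of the same length over the character classes used; the guess rate is derived from the 35-minute figure, and "ilovewixalot" is a constructed 12-character sample.

```python
import math
import string

# Character classes a brute-force search has to include once a password uses them.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")

def pool_size(password):
    """Alphabet size implied by the character classes present in the password."""
    return sum(len(cls) for cls in CLASSES if any(ch in cls for ch in password))

def keyspace(password):
    """Number of candidate strings of the same length over that alphabet."""
    return pool_size(password) ** len(password)

def entropy_bits(password):
    """Keyspace expressed in bits; only meaningful for randomly chosen characters."""
    return len(password) * math.log2(pool_size(password))

def implied_rate(password, seconds):
    """Guesses per second needed to exhaust the keyspace in the given time."""
    return keyspace(password) / seconds

def worst_case_days(password, rate):
    """Days to try every candidate at `rate` guesses per second."""
    return keyspace(password) / rate / 86400

# Calibrate on the post's first figure: "ilovewix" in 35 minutes.
RATE = implied_rate("ilovewix", 35 * 60)

if __name__ == "__main__":
    print(f"implied rate: {RATE:,.0f} guesses/s")
    for pw in ("ilovewix", "Il0v3WiX", "ilovewixalot"):  # last one is constructed
        print(f"{pw!r}: pool={pool_size(pw)} bits={entropy_bits(pw):.1f} "
              f"days={worst_case_days(pw, RATE):,.2f}")
```

At the calibrated rate the mixed-case 8-character password comes out at about 25 days, matching the figure above, while four extra lowercase characters push the all-lowercase one far past it. This is an upper bound for exhaustive search only; the dictionary-based guessing mentioned above does not need to cover the whole keyspace.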
07. Try “phrasing” your password
Passphrases are another popular and secure way to go. Phrases can be easier to remember than an overly complex jumbled word that you meticulously crafted, and since they include spaces and punctuation, special characters are already included.
If you don’t want to end up with a very long passphrase, you could take the first two letters from each word and combine them into a password. Take something like your favorite song lyric or movie quote, so that you’ll remember it, and chop it up. For example:
They’re coming to get you, Barbara = Thcotogeyoba = Th’C02Geyo,Ba!
08. Password “refresh” every few months
This one is going to be right up there with “not using the same password for other services” for some. People crave convenience and remembering several passwords that you’re required to change every three months sounds anything but. This may seem like a terrible task, but we couldn’t imagine it being worse than having all of your data stolen from you because you used a password you created when you were in high school. Trust us, it’ll be worth it.
09. Use two-step authentication when you can
An increasingly popular extra layer of security is two-step verification (or two-step authentication), which requires a second action after successfully logging into a service. This will usually come in the form of receiving a text message or an email with a time-sensitive PIN that you must input before you’re able to use the service. It’s great, as it requires access to another source that you should undoubtedly have. However, it’s not an excuse not to use the other helpful tips mentioned above.
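What "time-sensitive" means on the service's side, as an added sketch that is not taken from any particular service: a random PIN is issued after the password check, and it is accepted only once, only before it expires, and only within a small number of tries. The function names, the 5-minute lifetime and the 5-attempt limit are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

PIN_TTL_SECONDS = 300  # assumed lifetime of a PIN
MAX_ATTEMPTS = 5       # assumed number of tries before the PIN is void

def _digest(pin):
    return hashlib.sha256(pin.encode()).digest()

def issue(now):
    """Create a 6-digit PIN; return it (to send by text or email) plus server state."""
    pin = f"{secrets.randbelow(10**6):06d}"  # random source suited to security use
    state = {"digest": _digest(pin), "expires": now + PIN_TTL_SECONDS,
             "attempts": 0, "used": False}
    return pin, state

def verify(state, submitted, now):
    """Accept the PIN only if it is unused, unexpired and within the attempt limit."""
    if state["used"] or now >= state["expires"]:
        return False
    if state["attempts"] >= MAX_ATTEMPTS:
        return False
    state["attempts"] += 1
    ok = hmac.compare_digest(state["digest"], _digest(submitted))  # constant-time compare
    if ok:
        state["used"] = True  # a PIN works once
    return ok

if __name__ == "__main__":
    pin, state = issue(now=0)
    print(verify(state, pin, now=10))  # first use inside the window
    print(verify(state, pin, now=20))  # replay of the same PIN
```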
10. Use password tools to relieve your memory
Last but not least, don’t forget to take advantage of the free password tools available to you. Password checkers can show you just how strong a given password is and, as shown above, how long it would take to crack. Other tools, like LastPass, can give you a sense of relief when it comes to juggling several passwords. The gist is that, with either a browser extension or the website, you log in to multiple services with their own individual passwords, which will be saved to a password vault of sorts. Then you create a “master” password, and you will only need to use that one for services that are stored in your vault. It may require a dense initial setup, but it will alleviate the need to constantly remember several passwords.