Have you ever felt irritated when signing up for a new account, and you've had to re-input all your details just to meet a pre-existing password standard?
Most people have. Luckily, these password limits serve a purpose: ensuring a strong password for your account. A good password should be:
- complex (not easily guessed and following no pattern)
- unique (not recycled from other accounts)
- impersonal (not connected to any information in your life like birthdays, addresses, or age)
Unfortunately, people still have some habits that make these automated safeguards less effective. As a Managed IT Service Provider (MSP), we've had to step in to help multiple clients practice better password security.
But we believe good password habits should be practiced by everyone online - not just businesses we're partnered with.
So in this article, we'll go through:
- Tips and tricks for making strong passwords
- Common password mistakes
By tackling these two topics, you'll be well on your way to having all the qualities of a good password - and protecting yourself from people who'd steal your data.
4 Tips and Tricks for Making Strong Passwords
It's easy to take passwords for granted - but they shouldn't be taken for granted as they're often the first line of defense against cyber criminals. There are four rules you can follow to make strong passwords:
1. Include special characters.
Special characters are keyboard characters that aren't a letter or a number. The most common special characters are "!@#$%^&*()", which are all used for creating a stronger password. Including special characters significantly increases the strength of your password, as it adds more possibilities hackers need to go through.
2. Use a different password for each account.
If you ever sign up for a website that gets hacked, criminals won't be able to use the data they collected to open up your other accounts. This is particularly important for institutions dealing with personal data, such as banks, online stock markets, educational institutions, and more.
3. Do not use any personal information.
We'd like to think that our passwords are safe once we hand over our data. But that's not the case. Password leaks are a common problem in this day and age. By keeping your data - such as birthdays, addresses, and names of important people - out of your passwords, you're lessening hackers' chance of accessing this data.
4. Make each password completely randomized & long.
All the best passwords are randomized and at least 1216 characters long as these help against brute force attacks. Without a pattern to follow, hackers can't quickly gain access to your accounts.
5 Common Password Mistakes
While there are best practices, people also make many mistakes when creating a password.
1. Using the same password for multiple accounts.
It seems like every website and its dog wants you to create an account, and we know how tiring it can be. It's all too easy to recycle passwords and simply substitute a letter or two - but this is a bad practice that can cause you to lose more than you expect.
Once hackers have one of your passwords, they'll immediately try different variations of it because of how typical password recycling is. If you're one of the unlucky few with data credentials in criminals' hands, you've become a much easier target if you recycle passwords.
2. Using one of the most common passwords.
The most common passwords are:
- 123456
- 123456789
- 12345
- qwerty
- password
These are easy to remember but also extremely easy to crack, according to Safety Detectives. Keep these common passwords out of your accounts.
3. Including personal information to remember passwords
A lot of people use different tricks to keep track of their passwords. Often, users utilize personal details like birthdays, addresses, or even phone numbers to have a "catch-all" password.
For example, you can use the phrase West Avenue and change it up to wesTAv3nUe! and then just alter a couple of capitalized letters or special characters per website. Others use the numerical form of their birthdays as part of their password, like 0130 or 1214.
By embedding these personal details in your password, you are opening attack points for hackers who can get this data.
4. Keeping simple passwords
Simplicity is the enemy of strong passwords because they're much easier to crack. Between a password like hapP1neS$ and h#K;eckLw (B1, the second phrase is much harder to crack.
5. Not having a password manager
One of the biggest hurdles of having a strong password is constantly forgetting the password. If you've followed all the tips and tricks for a password, you've probably had to reset a forgotten password once or twice - or more.
This time-consuming scenario is easier to bypass if you have a reliable password manager. Options like LastPass, 1Password, and KeePass are all programs you can use to keep your passwords safe.
About to Make Your Best Ever Password?
Overall, passwords are an important line of defense for your data. Making secure, complex, unique and impersonal passwords can be done by focusing on randomizing each password for each account.
Unfortunately, it's still all too easy for data to be hacked. At ITS, we always tell our clients that there's no 100% uncrackable password - and their best bet is to have multiple layers of security beyond passwords.
The idea of having more than one layer of security is how Multi-factor Authentication (MFA) and 2-Factor Authentication (2FA) came into play. MFA and 2FA are additional obstacles hackers need to overcome when accessing your account, as they function as a secondary password.
So aside from making the strongest passwords you can, read 2FA & MFA: What They Are, Why You Need Them & Best Practices. By implementing 2FA & MFA in partnership with great passwords, you're giving hackers a harder challenge - and discouraging them from exerting effort into breaking your account.
