We conduct so much of our lives online that coming up with a unique password for each of the platforms we use for our social lives, business, education, and entertainment is challenging. Even more challenging is being able to remember all of them.
Choosing passwords can be a headache. You want to have a password that provides security from online scammers, hackers, and criminals. However, you also need to be able to remember your password.
Password experts, NordPass, claim that you should be using passwords such as #hS569Uryde* and UGr2@&589YpM. These two combinations of upper and lowercase letters, symbols, and numbers top the list of passwords yet broken by hackers. Maybe this article will change that, so beware of using them from now on! Passwords constructed similarly to these will provide you with an improved level of security.
To ensure that you have the best chance of developing a secure password, here are some top tips on password construction:
Near Perfect Passwords
There is no such thing as the perfect password, but that should not prevent you from trying to achieve a password that is as near perfect as possible. Strong passwords contain a combination of upper and lowercase letters, symbols, and numbers. Ideally, passwords containing this combination should be random.
Some websites provide free password generators. However, these can often be difficult to remember, as there is nothing memorable about them apart from their uniqueness. If you find it difficult to remember a strong and secure password, try selecting a memorable word and then changing some of the characters to numbers and symbols. For instance, the word ‘elephant’ could become eL3p@N7. If you have any doubts about your password’s strength and security, you can check it at howsecureismypassword.net.
Number and Letter Strings
Stringing numbers and letters together as they are located on a keyboard, such as qwertyui or 12345678, are incredibly easy for cybercriminals to crack. The UK NCSC (National Cyber Security Centre) analysed online passwords and found that over 23 million accounts used 123456 as their password. This sequence was the most common password in use that hackers had already stolen. The second most common password was on hacked accounts was 123456789, with 1111111 appearing in the top five most common passwords.
Names as Passwords
Many people use the name of a pet, sports team, famous person, or family member as their password. The most common first-name to be used as a hacked password was Ashley, which was used by 432,000 accounts. Other popular names used were Charlie, Daniel, Jessica, and Michael. A popular football team name to be used as a password was Liverpool, with it being hacked on 270,000 accounts.
The reason that using your name, or other personal details and preferences, is that these things are all available to anyone on social media platforms like Facebook, Instagram, and Twitter. These places are the first resources a cybercriminal will access when looking for ideas as to what your password might be. Avoid using personal information for your passwords, as you are only making the hackers’ job easier for them.
Around one-third of the UK’s online population reuse the same password for multiple accounts. About the same proportion stated that they didn’t see any problem with doing this. Still, twelve percent admitted that they had not fully considered the implications of reusing the same passwords.
However, reusing the same password can lead to problems. If one of your accounts gets compromised, hackers will try the same passwords on other sites, potentially gaining access to your online data through a single password hack.
If You Suspect You’ve Been Hacked
If you suspect any malicious activity on your account, you should change your passwords immediately. Changes need to occur, not merely on the account that you suspect was hacked, but across all of your online accounts.
If you have any doubts about your passwords’ security, or if there has been any malicious activity on your accounts, you can install the Password Checkup from Google. This plugin for Google Chrome will run in the background of your computer’s browser, but it is not yet available for tablets or smartphones.
Whenever you input usernames or passwords, the programme checks the information against a database of four billion hacked account details. If your username or password matches any of these account details, you will receive an automatic alert. The information that Google collects using this service is held in an encrypted database that no Google employees can access
Regularly Change Your Passwords
It is clear that if you believe that one of your accounts has been compromised, you should immediately change your password. However, routinely changing your password every few months is a good practice to adopt as it makes things more difficult for hackers.
The main reason why people have straightforward passwords, and seldom change them, is because it is challenging to remember decent passwords. If this is the case for you, there are password managers available to help you. All of your passwords get held by the manager, meaning you only need to remember the one to gain access to the password manager.
Always protect your devices with a PIN, password, or locking pattern. Doing this will at least protect your data should your device get lost or stolen.