Password Security – 5 Best Practice Tips

The world today is so cemented in online accounts varying from emails, social media apps, online shopping, streaming subscriptions, banking and more that it can seem overwhelming to remember every password used. Every user is different with how they maintain their password from where they store their passwords to what they use for a password. Some users may reuse their password for every account, others may use a variation of one password or different passwords. Users need to ensure their passwords are secure due to the sensitive information that these accounts can maintain. Here are 5 best practice tips to ensure password security:

1)Password Complexity – Passwords need to be complex to prevent hackers from force breaking (generating passwords continuously until the password works) an individual’s password. To ensure this does not happen, users should use complex passwords that are at least 12 characters in length and include lowercase letters, uppercase letters, numbers, and special characters. Users can also take it a step forward by using a passphrase (combination of words) following the same rules. For example using raindrop as our base, the passphrase could look like %ra!n(Dr0p)41. The longer the password and complexity of the characters, the more secure the password will be.

2)Do not reuse a password for multiple accounts and websites – This is the most common mistake that can be made. An individual may think their password is secure enough to use on every account and website until they are hacked. Once the hacker gets control of the password, they will attempt to use the password on every platform that the individual’s email account is tied to. The best practice to avoid this from happening is to use a different password for each account.

3)Do not store passwords in an email or document on your computer – Passwords should never be stored in an email or a document on your computer in the event that a hacker has established a remote connection to your device and able to control your device. A password manager application such as Bitwarden or 1Password, is a secure way to maintain passwords. There are other methods of storing passwords like keeping a physical copy of passwords and accounts in a notebook or a document on a flash drive, however both of these methods come with their own risks. A notebook or flash drive could be stolen by a burglar or lost in a fire, but could also be retrieved by a family member or friend in the event of an emergency. Do not use a sticky note in place of a notebook though, use common sense when storing passwords.

4)Do not share your passwords and accounts – Passwords and accounts should never be shared with friends or family. Sharing your account information with anyone, even if they are someone that you trust, runs the potential risk of your sensitive information being leaked from their device.

5)Use Multifactor Authentication when available – Multifactor Authentication, also known as MFA or 2FA, is a feature used by most reputable tech companies. This feature provides either a confirmation code via text, email, or QR Code through an authenticator app that needs to be provided in addition after your password is entered on an account. This feature ensures that if your password is being used by someone other than yourself, you will be notified. If you receive a MFA notification code and did not enter your password to access your account, you should change your password immediately.