Having strong password security is like healthy eating: we all know we should be doing it, but few of us actually follow through.
We choose passwords that are easy to remember and quick to type, like '123456' and 'password' - which are the two most commonly used passwords, according to SplashData's sixth annual ‘Worst Passwords List’. But using common, easily guessed passwords like these makes your data (and your business) an easy target for cyber criminals.
Striking the balance between strong but memorable passwords is a challenge, so here are some dos and don’ts for strong password security. You should also check out our 8 essential tips for creating a strong password for more advice and guidance.
DO use alphanumeric
Your password should contain a variety of characters including lowercase letters, uppercase letters, symbols and numbers. The better the mixture of these forms, the harder your password is to crack.
DO make it memorable
To help you remember your password, try simplifying a phrase or using a sentence. For example, simplifying ‘I have 2 sons: Tom & Jerry’ to ‘Ih2s:T&J’ makes for a strong, memorable password.
DO use different passwords for different sites
Remembering one strong password can be tough, so it’s tempting to use the same password across multiple websites and apps. But here's the thing: hackers rely on that kind of laziness to steal your information and seize your accounts.
In the US, more than a third of consumers who share a password across accounts do so for their online banking, too. Absolutely do not do that: if a hacker hacks one account, they’ve hacked them all. Reduce the risk of having your accounts hacked by using a separate email for all social platforms and another email for the non-important sites that require a login, so that if one account does get hacked, the criminals can’t reset all your other passwords.
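As an added illustration of the points above on character mixture, common passwords and reuse (this is not code from the original article), the Python sketch below audits a constructed set of accounts. The function names and the sample accounts are assumptions made for the example.

```python
import math
import string
from collections import defaultdict

# The two passwords the article names as most common. A real check would
# load a much larger list of known-weak passwords (assumption).
COMMON = {"123456", "password"}

# The four character types the article asks for.
CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "numbers": string.digits,
    "symbols": string.punctuation,
}

def audit_password(pw):
    """Return (character types used, keyspace in bits, is_common)."""
    used = [n for n, chars in CLASSES.items() if any(c in chars for c in pw)]
    pool = sum(len(CLASSES[n]) for n in used)
    # Upper bound only: assumes every character was chosen at random
    # from the pool, which human-chosen passwords rarely are.
    bits = len(pw) * math.log2(pool) if pool else 0.0
    return used, round(bits, 1), pw.lower() in COMMON

def find_reuse(accounts):
    """Map each password used on more than one site to those sites."""
    sites = defaultdict(list)
    for site, pw in accounts.items():
        sites[pw].append(site)
    return {pw: s for pw, s in sites.items() if len(s) > 1}

def report(accounts):
    """One line of findings per site, without echoing the password."""
    reused = find_reuse(accounts)
    lines = []
    for site, pw in accounts.items():
        used, bits, common = audit_password(pw)
        flags = [n for n, hit in (("common", common), ("reused", pw in reused)) if hit]
        missing = [n for n in CLASSES if n not in used]
        if missing:
            flags.append("no " + "/".join(missing))
        lines.append(f"{site}: ~{bits} bits max; {', '.join(flags) or 'ok'}")
    return lines

# Constructed sample accounts; 'Ih2s:T&J' is the article's own example.
SAMPLE = {"bank": "Ih2s:T&J", "forum": "password", "shop": "password", "mail": "123456"}

if __name__ == "__main__":
    print("\n".join(report(SAMPLE)))
```

The bit figure is a ceiling on guessing effort, not a measure of real strength: a password on a common-password list is guessed first regardless of its length or character mix.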
DON’T write it down
If you must keep a note of your password to remember it, disguise it in a phrase or change the letters in a way that you would recognise but no one else could. Keep the note close by, too, so you will notice if it goes missing.
DON’T create a folder of passwords
There’s no use going through the effort of creating strong passwords if you write them in a Microsoft Word document and then put them in a folder on your computer.
If a hacker gets through they will have full access to your passwords, and to all other protected information. A safer option is to use password management software such as LastPass that stores and encrypts all of your passwords.
Refresh or regret
Cyber crime is a fast-growing threat in today’s online world, but no one thinks it will happen to them. They’re wrong.
Cyber criminals targeted more than 2.9 million British businesses in 2016, bringing the total cost of cyber crime to £29.1 billion. And yet, the Norton Cybersecurity Insights Report found that while people are aware of the need to protect their personal information online, they are not really 'motivated' to stay safe.
Clearly the message still hasn’t got through: password security matters.
Don’t be the person who regrets not having strong password security. Refresh your passwords often, follow best practice and stay secure.
Note: this article was originally published on 1st March, 2016. It has since been updated.