The Importance of a Secure Password – Best Practices

Passwords are an integral part of day-to-day life, even more so since large numbers of people moved to work from home and are continuing to do so. It’s more important than ever to make sure you are operating in the most secure way you can. In this post, we will look at some of the most effective practices to improve your online security.

Forget the obvious

Don’t use passwords that contain information that is readily available about you. Your birth date, partner’s or children’s names or your hometown can be easily found and are not secure. Additionally, low-effort offerings like “12345”, “qwerty” or better yet, “password” are not going to do you any favours.

Instead, use long passwords with a mixture of (wherever possible) numbers, special characters and lower/upper-case letters. Use unique passwords for your accounts and try to create passwords that use more than one word. And to reiterate, don’t include personal information in your passwords. If you’re unsure whether your password is safe enough, online tools like Comparitech or Thycotic can give you a strength analysis to work with. We know it’s a lot to think about, and if the thought of keeping track of all of this is overwhelming, you might want to try our next suggestion.
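The rules above can also be checked locally, without typing a password into a website. The following is an added example, not code from the original post; the function names, the 14-character minimum, the three-of-four character class threshold and the sample word list are assumptions made for illustration.

```python
import re

# Constructed list: the low-effort examples the post names, plus a few similar ones.
COMMON = {"12345", "123456", "qwerty", "password", "letmein"}
# Look-alike substitutions, so "P@ssw0rd" is still recognised as "password".
LEET = str.maketrans("@4310$5!7", "aaeiossit")
MIN_LENGTH = 14   # assumption: the post only says "long"
MIN_CLASSES = 3   # assumption: at least three of lower/upper/digit/special

def personal_tokens(names=(), birth_date=None):
    """Lowercase fragments of personal data that must not appear in a password.
    names: partner's, children's, pet or hometown names.
    birth_date: ISO string such as "1987-04-12" (format is an assumption)."""
    tokens = {w for n in names for w in re.findall(r"[a-z]{3,}", n.lower())}
    if birth_date:
        y, m, d = birth_date.split("-")
        # Year alone plus the usual day/month/year orderings.
        tokens |= {y, d + m, m + d, d + m + y[2:], m + d + y[2:], y[2:] + m + d}
    return tokens

def check_password(password, names=(), birth_date=None):
    """Return a list of problems; an empty list means the advice above is met."""
    problems = []
    lowered = password.lower()
    deleeted = lowered.translate(LEET)
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    classes = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")
    if sum(bool(re.search(c, password)) for c in classes) < MIN_CLASSES:
        problems.append("too few character classes")
    if any(c in lowered or c in deleeted for c in COMMON):
        problems.append("common password")
    for tok in sorted(personal_tokens(names, birth_date)):
        if tok in lowered or tok in deleeted:
            problems.append(f"contains personal information: {tok}")
    # Heuristic: a "word" is a run of letters, split on case changes and symbols.
    if len(re.findall(r"[A-Z]?[a-z]{2,}", password)) < 2:
        problems.append("fewer than two words")
    return problems

if __name__ == "__main__":
    # Constructed sample inputs.
    print(check_password("Rover2015!Leeds", ["Rover", "Leeds"], "1987-04-12"))
    print(check_password("Maple-Quartz7-Lantern!", ["Rover"], "1987-04-12"))
```

A password that looks complex can still fail here: the first sample has length and all four character classes but is built from a pet name and a hometown.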

Use a password manager

There are a number of tools available that allow you to create, store and manage your online passwords. Browsers like Microsoft Edge, Google Chrome and Safari all offer a built-in password manager that can make life a lot easier. If enabled, they can suggest strong passwords that can then be saved and stored. They will update your passwords if you change them and can even notify you if there has been a data breach associated with any of them. If you would rather use a standalone service, there are plenty available, either free or for a fee. Some examples are:

  • LastPass
  • Bitwarden
  • 1Password
  • NordPass
  • Keeper

Use multi-factor authentication (MFA) where possible

MFA or 2FA (two-factor authentication) has become increasingly popular with the rise in data breaches affecting even seemingly untouchable companies. Many services now provide you with the option to enable additional authentication, in the form of a security question or a one-time code sent to your mobile device or email. Apps on your smartphone can even utilise biometrics like fingerprints or facial recognition to provide an extra layer of security. Essentially, if it’s offered, use it. It might seem like a nuisance to set up at the time, but it’s invaluable in the long run.

Check whether your emails are associated with data breaches

Have I Been Pwned is a powerful tool that can show you whether your email addresses (or phone numbers) have been involved in any data leaks or breaches. It will tell you which websites associated with that email address have had incidents and what sort of information was compromised.

And finally, don’t give your password to anyone

This might seem obvious, but we mean anyone. That includes your IT Department.