It seems that news about a breach of security that results in the stealing of usernames and passwords seems to be an everyday occurrence these days. The news, from Hold Security, that Russian hackers have created a list of 1.2 billion usernames and passwords come as a surprise because of the number of login credentials that have been stolen.
The real danger of such a list is that many users use the same username and password for many websites, which now allows the Russian hackers to get access to more sites than they managed to steal the credentials from. In order to protect your online identity and data, here are some tips to help you create stronger passwords to help keep the hackers at bay.
Use Unique Passwords
Never use the same password for multiple websites, always try to create a unique password for each website. I explained the reason above – if a hacker were to get your password from one website, they can then try to log into another site with the same password (provided the username is the same). If you used a different password, then the hacker wouldn’t be able to gain access on a different site.
Create Long Passwords
When it comes to passwords, longer passwords are always better than shorter passwords. Try to create passwords that are greater than 12 characters, because with the processing power of computers, shorter passwords can be cracked easier. The longer the password, the longer it would take a computer to brute-force the password.
Use Uppercase, Lowercase, Numbers and Punctuation
This tip is a common one, but is still a good idea. You should always try to mix up your password with various combinations of uppercase, lowercase, numbers and punctuation with your passwords. When doing so, however, it is also important not to create too common patterns. By this I mean, don’t always start your password with uppercase, or replace certain characters with punctuation (such as S with $). Be creative, or use a random password generator that won’t follow such rules.
Change Your Passwords Periodically
This tip is one that most people probably won’t follow, mainly because of the work involved. While it does require work, it can make it harder for a hacker to guess your password, as they may have a password for a website that you have already changed. If you are like me, you probably have over 100 passwords to manage, so changing them periodically does take time, but a password manager can help you there. At the very least, change a password when you know a site you use has been compromised.
Enable Two-Factor Authentication
More and more sites are starting to add two-factor authentication, which I feel most sites should look at implementing. Two-factor authentication means that you will need to provide an additional piece of information along with your username and password when logging in. The most common two-factor authentication involves a unique code that is generated every minute. Because the code is generated every minute, it becomes almost impossible to guess.
Use a Password Manager
There are many opinions on using password manager, but I am a big fan of using one, especially since I have many passwords to remember. With a password manager I can create a randomly generated password for each site and store them without having to worry about what the password is for the site. I use LastPass, which I find to be very secure and haven’t had any issues with using it. There are many tips you can use to secure your passwords in LastPass.