Passwords are the digital key to your most important personal information, but are you taking the right steps to keep this personal information away from others? An alarming 81% of all data breaches are due to stolen or weak passwords. People genuinely don’t realize that password security is of the utmost importance. It takes no time at all for cybercriminals to infiltrate your network and gain access to accounts with weak or reused passwords.
We want to share our best tips to help you to not become a statistic when it comes to password security. Take a look at our six tips to keep your passwords safe!
1) Use a password manager
Password managers are a necessity in today’s world. With a password manager, all the user has to remember is one master password. The master password is strong & hard for anyone to crack, but also memorable & unique to the user. This password is the only one that you’ll have to remember. Think of a catchphrase that only you would know. Once you’re in the password manager, it will generate a special password for every website that you use, including new credentials. There are plenty of great password managers out there on the market. At IronTech Security, we use 1Password. Myki, LastPass, and Bitwarden are also great options.
Examples of a good master password:
2) Never use personal information for a password
While you might think “of course you’re not supposed to use any personal information for passwords”, you may not realize that you share personal information every day with people that could easily use it to gain access to your accounts. Things like your hometown, birthplace, the street you grew up on, or high school mascot can all be used to guess a password. This information can also be used by cybercriminals claiming they are the account holder. All they have to do is click “forgot password” and answer a security question where one of the above examples could be inserted as an answer to gain access to an account.
3) Don’t write your passwords down
If you have a password manager, this shouldn’t even be necessary. Writing down your passwords is extremely dangerous. Whether you’re writing it down with pen and paper or on the notes app of your phone, it’s a big no-no. If you do this at work, you’re extremely vulnerable to having your passwords stolen from an insider threat. Anybody and everybody in your office can find those passwords and have instant access to all of your private information including your bank account, credit card, email accounts, and other extremely personal credentials. Even writing down your passwords and leaving them at home is a bad idea. While your home is your safe space, there’s always the possibility that someone could see it and gain access to all of your passwords and accounts. There are passwords on these accounts for a reason. Use a password manager to keep your accounts safe.
4) Don’t reuse passwords
52% of adults reuse the same password for multiple passwords which is a frightening statistic. While most people do this because it is the easiest thing to remember, this is a bad idea. For example, if a hacker successfully gains access to one of your accounts with a reused password, they’ll try to use that same password for other accounts until they finally gain access. It’s somewhat of a domino effect. They’ll keep trying that password on as many accounts as possible, and at that point, the cybercriminal has hit the jackpot.
5) Be cautious of entering passwords on unsecured wifi networks
This is a tip a lot of people need to hear because it’s not always common knowledge. Public or unsecured wifi networks are hotspots for hackers because people don’t realize the dangers of them. Snooping & sniffing and Man in the Middle attacks are two of the most common dangers out there. While using public or unsecured wifi, one wrong click can mean your information is visible to malicious actors that are creeping on that wifi network. Our best advice is to stay away from public or unsecured wifi networks as much as possible, but if it can’t be avoided, try to refrain from entering any of your personal information or clicking on anything suspicious.
6) Use multi-factor authentication when possible
Multi-factor authentication is a great invention! Here at IronTech Security, we suggest using multi-factor authentication whenever you possibly can. There are some websites or accounts that don’t allow this feature, but it seems to be becoming more of a normal occurrence. A few examples of multi-factor authentications are having a code sent to your email, having a code sent through text message, entering the last four digits of a social security number, or entering a PIN after logging in. We use Duo!
Check out our infographic on the 6 Tips for Password Security!