Cybersecurity in 7 Steps: Creating Tough Passwords to Stay Safe Online
If you spend as much time on the Internet as I do, chances are you’ve made a few passwords in your day. Before I made my living as a writer, I used to work on people’s computers. Most of the time I would hear the same old complaints about computers running slow and people thinking they might have a virus because that’s what they heard on TV.
Before I started to do anything, I would warn people that when I was done, they would have to log back into all the websites they normally visit. If I had a nickel for the number of times I saw the look of dread come over someone’s face, I’d never have to write another blog. That’s when I realized that many people are just flat out horrible at creating and then remembering passwords.
Because i’d often have to restart a computer a few times, I’d ask for the computer password so I didn’t have to bother people to log in every time. I’ve seen practically every single bad password ever created. From the abysmal “1234567890” to “password” to “abc123.” If I didn’t have a conscience, I probably could have easily hacked a few bank accounts.
As someone who has seen it all when it comes to computer security, and since we’re all spending a ton of time on our devices these days, I want to share a few easy tips I’ve learned over the years to help you make stronger passwords and maybe help keep you a bit safer online.
How Passwords Get Hacked
There are three common types of attacks that online hackers use to try and figure out your password.
The first type is a dictionary attack. This means hackers will throw a dictionary at your account to see if your password is a common word found in the dictionary. More often than not, people will use an actual word they use often because it’s easy to remember. Hackers know that and that’s why the first step is to just try every word in the dictionary.
The second type is a brute force attack. As the name suggests, a brute force attack tries millions of potential combinations of passwords a second to crack your computer until it finds the one that works. The more complex your password, the longer it takes to figure it out.
Lastly, the third attack is called a phishing attack, pronounced “fishing.” Phishing attacks are more common in emails, which is why it’s never safe to click on links inside suspicious emails. The links lead to fake websites that look like legitimate versions of well known websites. Except, the point is to get you to login to your account so they can capture your username and password.
Tip #1: Dictionary Words Make the Worst Passwords
If part of your password is a word that can be found in a dictionary, you should consider changing your password. Remember that dictionary attacks will scour every single word in the dictionary to find your password. Since most people use a simple word for their password, it won’t take long to crack your password.
Tip #2: The More Characters, The Better
The more characters in your password, the more difficult it will be for hackers to crack it with their programs. A password with only five or six characters is far easier to crack than one with twelve or thirteen.
Tip #3: Use Symbols and Numbers
Passwords should never consist of just letters. There should always be at least two or three numbers as well as special characters like !@#$ spread out all over your password. Additionally, using a combination of both uppercase and lowercase letters will increase your password’s overall strength.
Tip #4: Gibberish Makes for Great Passwords
As mentioned before, dictionary attacks will use every word in the dictionary to find your password, but if you create words that make absolutely no sense this renders that avenue pretty useless. Even if your password is full of just uppercase and lowercase letters, the fact that the words make absolutely no sense makes for a strong password. Add in symbols and numbers, and your password is tough as nails.
Tip #5: Never Use the Same Password Twice
Not since my early days of using the Internet have I ever used the same password twice. Imagine if the same key that opened your front door also opened your car door, your storage locker, your best friend’s house, and your office at work. It would be pretty horrible if someone got that key, wouldn’t it?
Using the same password twice puts you at risk in the event a hacker is able to figure out what the password is. They’ll likely try to use it against other websites they know you visit to see if it works for them as well. An easy rule of thumb is: If you need to provide personally identifiable information on a website, it not only gets a strong password, it gets a unique password.
Tip #6: Password Managers Make Things Easy
Remove that fear of dread of ever forgetting your password and use a password manager to manage all of your logins for all the websites you visit. Whenever you log into a website for the first time, the password manager will ask you if you’d like for it to remember the password from now on. This way, you’ll never have to remember your password for that site. Your password becomes encrypted on a server and the only one who will ever have access to your login credentials is you.
When it comes to password managers, there’s both good and bad news. The good news is there are many free password managers online and many are already built in to browsers like Firefox and Chrome. The bad news is you also have to have a password for your password manager.
In order to keep your passwords secure, you will have to set what is called a master password. This master password gives you access to all the passwords your management program has saved in the event you ever need to access them to delete a login you no longer need. However, forgetting your master password could be a major problem. Remember when I said only you will ever have access to your login credentials? Not even the company who manages your passwords can access your account. So if you forget your master password, you’re pretty much out of luck.
Tip #7: Keep Your Computer Free of Viruses
All of these tips will be for nothing if you aren’t doing your best to keep your computer or devices free from all of the malicious software out there on the internet that infects millions of computers everyday. A simple virus called a keylogger can record every single keystroke you make on your keyboard and send that information back to a waiting hacker. Your complex password is now compromised.
Regularly run virus scans on your computer, keep your browsers updated, never click on links in a strange email, and never visit websites that seem sketchy.
The harsh reality of cyber security is that with enough time and effort, every password can be cracked. But while that may be true, practicing these few tips can make your Internet experience much more secure for the future.