Online security is a balancing act between safety and convenience, and researchers say most people make a choice heavily weighted towards convenience. While passwords may feel like a necessary evil, the risk of using inadequate password protection is obvious.
The first step to using effective passwords is to stop taking the easy route. The most common password mistake is choosing something easy for you to remember: pet names, hometowns, street names, nicknames, anything that easily springs to mind.
While you may think using the street name of your childhood home would be difficult for a hacker to guess, keep in mind a quick Google search can reveal a tremendous amount of personal data about you. All a hacker needs is a little information to make an informed guess.
Easy-to-learn details can be especially dangerous when used with a weak password recovery system. Say a hacker tries to gain access to an account. By hitting the "Can't remember your password?" link and answering simple verification questions using information they learned about you online, the hacker could access your account and even lock you out (from your own account!) by changing the password.
One of your social networking profiles could contain all the information a hacker needs to answer simple verification questions like the name of your pet, your mother's maiden name, the city where you were born, etc.
Stop using the same password for multiple sites or purposes. If a hacker guesses correctly once, they can use that password to gain access to other accounts or applications.
Software Can Help
Because keeping track of the many passwords we need can be challenging, and because recycling passwords on multiple sites can be risky, password management software can be a good choice.
Password management software stores your log-in details for websites in a protected file, and enters them automatically when you log into an online service. Most password management programs synchronize your password data with mobile apps so you can access information on a variety of devices without compromising your data integrity.
This is especially important in a small business setting, where most of the important tools used for daily operations reside in cloud and mobile apps. A password manager program will track the log-in credentials for each employee who needs to access a cloud account, making it easy to add and remove team members as your employee roster changes.
Password management software can also suggest strong, randomized passwords (using the guidelines below and other methods) that are safer than the easy-to-guess passwords most of us come up with on our own.
Creating Strong Passwords
So how do you create a strong password? The easiest approach is using password management software to handle that for you. Typical guidelines call for passwords that:
- Are at least eight characters long
- Contain special characters like $, @, *, %, or #
- Do not use words
- Include a combination of capital and small letters
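As an added illustration (not code from the original article or from any particular password manager), this Python example checks a password against the four guidelines above and generates one that satisfies them using the operating system's cryptographic random source. The word list is a constructed sample, and allowing digits in the alphabet is an assumption.

```python
import secrets
import string

SPECIALS = "$@*%#"  # the special characters named in the guidelines
ALPHABET = string.ascii_letters + string.digits + SPECIALS  # digits: assumption
# Constructed sample word list; a real check would use a large dictionary
# plus personal details such as pet names and hometowns.
SAMPLE_WORDS = {"password", "fluffy", "springfield", "maple", "buddy"}


def guideline_failures(pw, words=SAMPLE_WORDS):
    """Return the guidelines that pw fails (an empty list means it passes)."""
    failures = []
    if len(pw) < 8:
        failures.append("shorter than eight characters")
    if not any(c in SPECIALS for c in pw):
        failures.append("no special character")
    if not (any(c.islower() for c in pw) and any(c.isupper() for c in pw)):
        failures.append("no mix of capital and small letters")
    lowered = pw.lower()
    if any(w in lowered for w in words):
        failures.append("contains a word")
    return failures


def generate_password(length=16, words=SAMPLE_WORDS):
    """Draw every character from the OS CSPRNG (secrets, not random) and
    redraw the whole password until it passes, so that no position is
    forced to hold a particular character class."""
    if length < 8:
        raise ValueError("guidelines require at least eight characters")
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not guideline_failures(pw, words):
            return pw


if __name__ == "__main__":
    # Constructed candidates: one that looks compliant but embeds a pet
    # name, one that is a plain street name, and one generated at random.
    for candidate in ("Fluffy#1", "maplestreet", generate_password()):
        print(candidate, guideline_failures(candidate) or "passes")
```

"Fluffy#1" meets the length, special-character and mixed-case rules and still fails, which is why the no-words guideline matters alongside the other three.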
Then focus on keeping passwords safe:
- Use multiple passwords; that way if one is compromised, your other passwords are still safe.
- Never provide your password by email or in response to a request by email.
- Don't type in your passwords on computers you do not control. Computers in other venues could be infected with spyware or keystroke logging software; don't enter passwords if it's not your computer.
- Never tell others your passwords.
- Protect your password records; don't tape passwords to the bottom of your keyboard, the inside of a drawer, etc.
Devoting time and attention to choosing strong passwords – and creating multiple passwords – will ensure you protect your business and personal information from unauthorized use.