When was the last time you thought about changing all your passwords? Unless you run a large organization or have been the victim of a cyber attack, chances are it doesn't regularly cross your radar.
Unfortunately, this lack of awareness often leads to a lack of caution, which makes it all that much easier for hackers to get exactly what they want from you.
According to recent research released by The Kapersky Lab, nearly half of all Internet users have shared their passwords with someone else. This suggests a common but dangerous assumption: that only large companies need to be on guard against hacking and cyber attacks.
Fortunately, there are simple ways that both personal and business users can keep their passwords secure. Here we'll outline some of the most important safeguards you can have in place to protect yourself against malicious online activity.
1. Create hack-proof passwords
According to SplashData's 5th annual "Worst Passwords List," passwords are getting longer; unfortunately, they aren't getting better. Some of the most commonly used passwords of 2015 were:
- 123456
- password
- 12345678
- qwerty
- 12345
- football
- welcome
- login
Doesn't take a genius to crack those codes! According to SplashData CEO Morgan Slain, though many people are becoming better about choosing passwords, the ones they come up with are still largely ineffective. "We have seen an effort by many people to be more secure by adding characters to passwords, but if these longer passwords are based on simple patterns, they will put you in just as much risk of having your identity stolen by hackers."
Probably no password is 100 percent hack-proof, but keep in mind that longer and more complex is always better. Choose unique passwords for each site or login, and make sure they don't rely on information a hacker could easily guess (your mother's maiden name, a pet's name, your birth date, etc.).
Make your passwords as complicated as possible; use a combination of letters, numbers, and symbols. Many experts recommend choosing a sentence you can easily remember -- for example, a favorite saying or a line from a movie -- then using the first letter from each word.
2. Never share your passwords
It sounds obvious, but how many of us actually follow this advice?
Sharing your passwords with family, friends, and co-workers may seen innocuous -- these are the people you trust the most, after all -- there's no telling who's listening. And because many of us use the same passwords over and over, this can make us vulnerable across all our accounts.
If you absolutely must share a password, at least make sure you don't do it digitally. Then change it at the first possible opportunity.
3. Take extra precautions when in public
Even the most complex passwords can easily be hacked if you fail to cover your tracks on a public computer. Library, university, and shared work computers may seem safe enough, but can be easy targets for would-be hackers.
When you use any public computer, be sure to:
- Log out of all accounts you've accessed online
- Always uncheck "save login information"
- Keep an eye out for any suspicious characters hanging out near your workspace
Even if you never use public computers, there's a good chance you access public WiFi. You may feel safe and secure, since you're on your own device, but keep in mind that anyone who's using that network can potentially see what you're doing on any unencrypted site.
One of the best ways to protect yourself when using the web in public is to use a virtual private network (VPN). A VPN secures your Internet connection, which ensures your data is encrypted and your passwords and activities remain private.
For more tips, here is a here is a good primer on staying safe when you employ public WiFi.
4. Use a password manager
Remembering each of the strategies above every time you need to create a password or access a site can be difficult. Fortunately, a good password manager can automate much of the process. Some of the ways they help include:
- Creating and storing long, complex passwords unique to each website or account
- Automatically detecting phishing sites so you don't inadvertently share your password with a spammy locale
- Allowing you to create and remember nonsensical answers to security questions; this way hackers don't have a hope of guessing your answers
- Safely storing confidential information on your computer (e.g., credit card info, Social Security number, etc.)
Here's a great rundown of all the ways a password manager can help keep you secure online.
5. Business owners: Enact a password security policy
If you're a business owner, you need to be aware of the risks posed by the password practices of your employees. According to this infographic, most IT departments significantly underestimate the amount of sensitive information ex-employees have access to; in fact, about 89 percent of former employees retain access to Facebook, Salesforce, PayPal, or other corporate accounts after they've left a company.
To keep your company passwords as safe as possible, consider the following best practices:
- Require that all passwords be changed frequently.
- Create accounts for individual users rather than allowing access to one company-wide account.
- Provide and require the use of password managers on all work computers.
Conclusion
Whether you're using the Internet for personal or business purposes, protecting your passwords should be a top priority. If you have a good password manager and some common-sense safeguards in place, you'll have a much higher chance of keeping your passwords safe and secure.
What steps do you take to keep your passwords secure? Share with us below!