Use unique passwords and passwords to protect your online privacy
Strong passwords are essential for protecting your privacy online. Here’s how to create a strong password or password that you will remember and no one else can guess.
What is a strong password?
A strong password for your online accounts should be:
- Really random
- No shorter than 17 characters
- Different for each online account
- Changed every 90 days
There are some password practices you should avoid:
- Do not use the common “word + number” format.
- Do not include publicly available personal information, such as your birthday.
- Do not use common shortcuts and substitutions (eg, using “@” for the letter “a”).
What is a passphrase?
While most passwords are combinations of numbers, letters, and symbols, a passphrase is made up of randomly combined words. For example :
Passwords are both easier to remember and harder to guess than standard passwords. Just try to memorize the first letter of each word, or turn it into a song in your head. To defend yourself against dictionary attacks, you need to use at least five words, and they should be really random. You don’t want the sentence to sound like a sentence.
Password and password generators
To make sure the words you choose are truly random, use a free passphrase generator like Diceware or Secure Passphrase Generator. For an assortment of random letters and numbers use Norton Password Generator or Avast’s Random Password Generator. Many online accounts have specific password requirements, so you may need to add numbers, special characters, or a mix of upper and lower case letters.
We strongly recommend that you do not use easy-to-remember information such as your birthday or the year you graduated from high school. If you’re having trouble remembering passphrases, another strategy is to make an acronym out of a sentence.
It is generally not a good idea to write down your passwords; however, you can write the sentence as a reminder, and no one will know what it means if they find it. If you have multiple online accounts, you should use a password manager to keep track of your login credentials.
Use a password manager
As tempting as it may be, you shouldn’t be using the same username and password combination for all of your online accounts. Each account should have its own unique and complex password. Fortunately, you don’t have to remember them all individually.
Instead, you can use a password manager. This way, you can log into any account by entering the master password for a password manager. Some of the best password manager programs also come with built-in password generators.
If you want to know how strong your password is, use a password tokens like Password Meter.
No matter how strong your password is, it’s always a good idea to protect your online accounts with two-factor authentication (2FA) when possible. When you activate 2FA for Gmail and other services, you receive a verification code by text or email every time you sign in. Most banking services and social media websites support some form of 2FA.
Along with your online accounts, you also need strong passwords for all your devices, especially if you take them with you in public. In addition to passwords, most operating systems support some form of biometric verification. For example, Windows Hello uses facial recognition technology and Apple Touch ID uses a fingerprint scanner to identify who is trying to access your account.
Why are strong passwords important?
Passwords protect your online accounts from other people who use the same computer. Most importantly, they protect you from hackers who want to steal your personal information. If someone knows your electronic password, for example, they can know a lot about you, including where you bank, where you work, and where you live. Stolen passwords are often sold on the black market for nefarious purposes.
Hackers use several methods to steal passwords, including:
- Brute force attacks: A brute force attack uses automated software to guess passwords using randomized combinations of characters.
- Dictionary attacks:As with brute force attacks, random word combinations are used to guess passwords.
- Phishing: Hackers directly solicit private information using phishing emails, robocalls or deceptive links to get passwords from users.
- Recycling Credentials: If a hacker has your username and password for one account, they’ll probably try to use the same credentials on your other accounts.
What to do if someone else gets your passwords
If you suspect that one of your passwords has been compromised:
- Create a new, stronger password.
- Change the passwords for all associated accounts.
- Update your account recovery information.
- Keep an eye on your bank account for unauthorized purchases.
Your usernames and passwords can be compromised without your being responsible. Several high-profile companies, such as Facebook and Sony, have fallen victim to data breaches that exposed users’ login credentials. You can visit the website of Avast Hack Check and enter your email address to see if your privacy has been compromised. If so, you need to change the passwords for all accounts associated with that email.
Set up security questions and account recovery information when possible to further protect your accounts.