How many passwords do you have? If you’re like most of us, you’ve lost count (or perhaps, you’re using the same password for everything).
Banking and credit card accounts, social media accounts, your company’s website, software logins, even online retail logins – they all require one. We all understand why and we’re glad, really, with personal and business ID theft so prevalent. Yet choosing and managing all our passwords strains our brains, especially since making them easy for us also makes it easy for hackers.
As a marketing and communications agency that works with many client websites, we see loads of room for improvement with passwords.
“Obviously, we don’t want anyone to gain access to our banking, credit, or investment accounts. But the danger is actually broader than that. It’s really about someone presenting themselves as you or your business for all kinds of reasons, none of which you want.”
We all want to secure our information. Keeping hackers from gaining access to your accounts is a first line of defense. They are getting more sophisticated in cracking them, so we have to make sure we’re staying a step ahead.
“There’s really no such thing as an unbreakable password,” Sam Frizell wrote in an article for Time in 2014. Hackers use powerful software to crack our codes, but we can defend ourselves by being savvy with our passwords.
Probably the first vulnerability most people think about when it comes to ID theft is financial. Obviously, we don’t want anyone to gain access to our banking, credit, or investment accounts. But the danger is actually broader than that. It’s really about someone presenting themselves as you or your business for all kinds of reasons, none of which you want.
Your website and email marketing, among other things, represent you and have value. We advise following these guidelines to create strong passwords and protect all your valuable accounts.
Improve your website password strength in four easy steps
Enable two-factor authentication. Technically, this is not a password. It’s an add-on, a second lock and key, and it’s simpler and quicker than it sounds. Once you’ve enabled two-factor authentication, you’ll first sign in with your password, then you’ll be sent a text message with a one-time code that you’ll need to enter in the next sign-in field before you are allowed to enter the site. With two-factor authentication in place, someone would need to steal your phone as well as your password to get into your account. The code can usually be emailed or phoned instead, if you prefer.
We highly recommend that you set up this safeguard for your website, email, and any financial accounts at a minimum. Basically, say yes to two-factor authentication any time it is offered as a security option.
If you run a WordPress website, we highly recommend the paid version of Wordfence Security. It’s worth every penny!
Create a “passphrase.” Rather than just one word, pick a phrase and mess with it. For instance, “For once in my life” becomes “41c3inM^l!f3” or “birthday cake and ice cream” becomes “6R+hdAK@k3&!c3mKR3@m” – you get the idea.
You may have noticed that sometimes sites wisely require passwords to be at least 12 characters long. Your passphrase will help you meet that requirement. Also, some sites will refuse to let you in after a certain number of failed password attempts. A passphrase will set the hackers up to get locked out.
Use lots of symbols, the more the better. See our examples of passphrases and use your imaginations. Keep them guessing.
Don’t use real words or phrases. These are so easy to hack you might as well put out the welcome mat.
We probably don’t still need to say this, but just in case: Don’t use a universal password on all your accounts. We know, it’s tempting, but resist. Each account needs its own.