Passwords are unavoidable in our lives. Between your email, social media accounts, streaming services, and other accounts, you likely have a list of login credentials you must manage. With this information overload, it’s easy to cut corners on how to choose a password. Of course, each set of login credentials is its own access point to your information; the last thing you want is to have these access points be vulnerable to hackers.
Investing time and effort into properly setting up and maintaining your passwords is well worth the hassle if it means that the baseline of security is as strong as it needs to be. The following are some tips for how to choose a password and maintaining your password security:
Don’t Reuse It
Imagine how secure your home, car and locked cabinets would be if they all shared the same key. Nobody would want to be this vulnerable for the sake of convenience in their real lives, and yet many people will use the same password across accounts.
Don’t Write it Down
It may be a pain to memorize your passwords, but it’s much more secure. Far too often, employees who feel comfortable at their workstations will leave a post-it note with their password affixed to their monitors. Keep in mind that your workplace is a public place. Coworkers, visitors, and cleaners can be in and out of your workstation, and a rogue post-it note is just an open invitation to your network.
The University of Wisconsin-Madison’s Information Technology blog has a wonderful article on how you can craft memorable, secure passwords that will eliminate the need for written records.
Longer passwords with mixed characters (upper case, lower case, numbers, and symbols) are ideal for an effective password. By integrating different characters, you avoid having common phrase passwords that are vulnerable to brute force hacks like dictionary attacks.
When Necessary, Change it
This is a balancing act. If you are prompted to change your password too frequently, you’re more likely to use an easier-to-remember (thus, easier-to-hack) password. You may also make the above-noted mistake of writing it down.
As Lorrie Cranor suggested in a 2016 Federal Trade Commission blog, you should change your password when you feel it’s been compromised; if you have been logging into an account while in a crowded place, or if you’ve divulged your password to someone, change it.