Start 2014 with a fresh list of strong, secure online passwords. Especially when it comes to your most important accounts — email, banking and anything connected to your credit cards or payment sources like PayPal — changing passwords regularly remains your best protection.
We’re betting you’ll find a few new techniques to protect your passwords among our collection of safe password strategies here.
1. Use strong passwords. We’ve all been drilled to create passwords with a minimum of eight characters — but longer is better, and you should absolutely take advantage of that. Your password should include a mix of uppercase and lowercase letters as well as numbers and symbols.
2. Avoid easy-to-guess words, including anything out of the dictionary. On the no-fly list: your name and the names of family members, your company, your hometown or birthplace, pet’s names, and numbers such as birthdays and ZIP codes. Don’t choose random words from the dictionary; hackers regularly use programs that search for real words within passwords.
3. Don’t answer secret questions outright. The answers to many secret questions that guard the security of account passwords can be easily gleaned from public sources on the internet, giving thieves an open door to your accounts. Instead of handing over your mother’s maiden name or the name of the high school you attended, adopt one or more incorrect answers. Or insert your own password hint that has nothing to do with the question itself; for example, to answer a security question about the year you were born, create an answer that reminds you of “my favorite Coldplay lyric.”
5. Offset your keystrokes. A weak password can be strengthened by simply shifting your hands one direction or the other on your keyboard. For example, “MichaelG” typed one space to the right becomes “<ovjsr;H” — yet the password remains simple to remember.
6. Upgrade from a passwords to a passphrase. Consider the strength and personal memory recognition of abbreviating an entire phrase. Use the first letter or two of the words of a favorite lyric or quotation. For example, “the quick brown fox jumps over the lazy dog” becomes “tqbfjotld” or (stronger still) “thqubrfojuovthlado.”
7. Register for online accounts using a temporary email address. If you need to register to use a website but you don’t need to continue to receive mail from them, you can register for and confirm an email address that lasts just long enough to complete an online account registration.
8. Use a different browser for sensitive log-ins. Choose one web browser for day-to-day web surfing and another when it’s time for banking and personal email. That way, if you pick up a keylogger or other problem while surfing, you won’t automatically endanger your vital email and financial security. A recent comparison of Mozilla Firefox, Google Chrome and Microsoft Internet Explorer conducted by Accuvant Labs found that Chrome was the least susceptible to security attacks.
9. Store your passwords in an electronic “vault.” Password management tools such as LastPass, MaskMe, and PasswordBox let you store passwords on your computer or mobile device, secured by a single master password. One word of caution: Unless the service you choose offers web-based access of some sort, if your computer or mobile device is stolen, your passwords are gone.
10. Choose two-step authentication whenever possible. More and more services are beginning to offer a second level of authentication for your account, usually in the form of a text message to your mobile device. That text contains a code you’ll need in addition to your password to access your account from an unknown or new device or to change your password. Two-step authentication is especially valuable and well worth the extra trouble for email and financial accounts.
Changing your password regularly will be much less of a chore when you use these password management strategies. Regular password updates will make sure your personal information stays safe and secure all year long.