The weakest link in your cybersecurity set-up may also be the most overlooked aspect: your passwords.
Think about it. When you open an account, how much time do you spend considering your password? A few seconds? Or, even worse, do you just reuse the same password for every account?
Research continues to evolve regarding password best practices in order to stay ahead of cybercriminals. While some of the following advice may sound familiar, others are based on new information.
Don’t get personal: Your job is to make life difficult for a hacker. Providing personally identifiable information (PII) in your passwords—such as your name, birthdate, home town, house number or pet’s name—that cybercriminals can uncover through public records or social media accounts gives them a head start at cracking your passwords.
Emphasize length: Generally, longer passwords are less likely to be cracked. Focus on generating passwords that are at least eight characters; even bumping them by a few more characters makes your password exponentially harder to guess.
Enable the “show password” option: How many times have you been frustrated by being unable to see what you’re entering in the passcode field of your log-in screen because it’s disguised? Some companies now allow you to clearly view what you’re typing.
While it seems counterintuitive, making your password visible can be a good idea (when you’re in a secure environment). It enables you to catch your typing mistakes, and avoid unnecessary password resets due to mistakenly thinking you’ve forgotten your password. Resetting passwords too often leads to an increased potential of data exposure.
Be careful where/how you enter passwords: Entering your passwords on public or shared computers or when using public Wi-Fi intensifies the risk of having your passwords compromised.
If you’re forced to use a public computer, log off after your session and check to make sure the computer didn’t automatically save your password. And if you enjoy browsing your accounts while outside your home, access them through a hotspot created with your phone or a virtual private network (VPN), which provides a secure, encrypted connection instead of trusting public Wi-Fi.
Use multi-factor authentication: Applying multi-factor authentication (MFA) can strengthen your password security by protecting access to your accounts. MFA requires you to provide two or more credentials when logging into your account. Doing so makes it more challenging for hackers because they’ll need to supply more than your password to access your account.