Every time I work on someone’s computer I always ask what their password is? The answer I get is almost always similar to “123456” or “God123” or their dog or cat’s name, unfortunately most people use the same passwords everywhere including online banking and online shopping sites which is in my opinion very dangerous and easily cracked by hackers. Here is some do’s and don’ts.
Avoid Weak Passwords.
Do not use:
- your first name, last name, or login name, in any form
- consecutive or repetitive numbers or letters such as 12345678 or AAAAAAAA
- adjacent keyboard letters such as qwerty or asdfghjk
- common and obvious letter-number replacements (e.g. replace the letter O with number 0)
- easily guessed personal information such as names and dates of birth, wedding anniversary of yourself, family members, pets and close acquaintances
- easily obtained information, such as:
- address
- license plate numbers
- telephone numbers
- credit card or ATM numbers
- Social Security or Insurance ID numbers
- email addresses
- dictionary words, in any language, forward and backward
- popular book titles, movie titles, or phrases
- short passwords
Use Strong Passwords
- at least eight characters long, the longer the better, some websites allow up to 256 alpha numeric and character, others limit them to 32 characters
- a combination of upper and lower case letters, numbers, punctuation and other symbols
- quick to type, in case anyone is peering over your shoulder
There are many websites that offer a password generator script that allow you to generate a strong password, make sure you’re not using the same password everywhere on online sites, on your laptop, desktop, Wi-Fi access point or hand held smartphone
Norton LifeLock is one of many sites that will allow you to create a strong password, another 1password.com is another site you can use to generate passwords.
Multi-Factor Authentication
Many websites also offer Multi-Factor or 2Factor authentication, some major banks only offer SMS or Phone calls or email to send you a 6 or 7 digit number to authenticate your login, these aren’t very secure but better than nothing. Some major websites such Google, Coinbase, Amazon, Microsoft, and others actually offer the best MFA using an Authenticator apps along with hardware based MFA such as Yubikey from Yubico.com and Titan Security Key by Google