Password hacks are becoming more common as people’s online accounts contain more sensitive personal data. Even big, trusted sites like LinkedIn, LivingSocial, and Dropbox have suffered password breaches in the past.
And because 78% of people reuse their passwords, it becomes more likely that a password hacked on one site can open accounts on other sites.
Here’s how to prevent your data from being compromised in 5 easy [albeit non-exhaustive] steps:
1. Stay away from English-language passwords
One of the biggest mistakes that internet users make is using English words in their passwords. English words make hacking passwords far easier for a potential hacker.
There are only approximately 500,000 words in the English language, while an English keyboard offers approximately 70 typable characters. That means that for a password of 8 characters in length, there are 9,440,350,920 combinations available.
That number skyrockets once you create even longer passwords. Clearly, there is significantly more diversity in using characters rather than just English words.
2. Create fake security answers
Which street did you live on when you were ten? What is your mother’s maiden name? STOP. DO NOT SUPPLY THE CORRECT ANSWERS.
Think about it: if you give the correct answers to these questions, you’re giving companies and potential hackers even more extensive information about yourself. Plus, anyone can find these answers on data broker websites for only a few dollars, so they’re hardly secure.
Giving the wrong answers to these questions, even answers that aren’t actual words, can add another layer of protection.
3. Have a favorite poem or song?
One of the easiest ways to create strong passwords is to use something that you’ve already committed to memory. Many articles have been published about using a “base password” as the root of all your other passwords and simply adding the name of a website to the end, such as passwordAMAZ for Amazon.com. We wanted to take a different approach by building on things you might have already committed to memory. For instance, let’s take a popular poem like Edgar Allan Poe’s “The Raven”:
Of course, any song, poem, or even sentence that you have memorized can be applied to this example, along with any letter combination.
One of the most important reasons this method works so well is that it still functions on websites that don’t allow special characters in passwords. Also, remember that this method can always be combined with numbers or special characters for increased security, such as spaces (_) or symbols (*, &, #, @, $, %, etc.).
4. Protect your passwords with a password manager
Password managers are an effective and cheap solution for encrypting and storing your passwords. Most password managers also have a function that automatically fills in login information for you when you visit a website.
Password managers come in two different types, but both provide adequate password protection. The first group is based locally (i.e., on your device, not online) and includes password managers such as 1Password and RoboForm (desktop version).
5. Test your might – entropy might, that is
How strong is your password? One of the best ways to find out is this Dropbox Tech blog post by Dan Wheeler. Compare the following images, which pit our “Raven” example from above against the word “password”:
An excellent feature of Wheeler’s demo is that you can experiment with all sorts of combinations to push the “entropy” (i.e. the randomness) and crack time as high as possible.
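The following Python example is added here and is not code from this article or from Wheeler’s demo. It estimates the number of guesses and the entropy in bits for a password by taking the cheaper of a brute-force search (pool size raised to the password length) and a “dictionary word plus suffix” attack, which ties together steps 1, 3 and 5. The wordlist and sample passwords are constructed, and the dictionary size of 500,000 is this article’s estimate.

```python
import math
import string

# Constructed stand-in for an attacker's wordlist (real lists are far larger).
SAMPLE_WORDLIST = {"password", "raven", "dragon", "monkey", "sunshine"}
DICTIONARY_SIZE = 500_000  # the article's estimate of English words
# Character classes an attacker has to cover: lower, upper, digits, symbols.
POOLS = (string.ascii_lowercase, string.ascii_uppercase,
         string.digits, string.punctuation + " ")


def pool_size(text):
    """Sum the sizes of the character classes that appear in text."""
    return sum(len(p) for p in POOLS if any(c in p for c in text))


def brute_force_guesses(password):
    """Upper bound: every character drawn at random from the pool in use."""
    return pool_size(password) ** len(password)


def dictionary_guesses(password):
    """Guesses for 'wordlist entry + short suffix', or None if no word matches."""
    lowered = password.lower()
    best = None
    for word in SAMPLE_WORDLIST:
        if lowered.startswith(word):
            suffix = password[len(word):]
            guesses = DICTIONARY_SIZE * pool_size(suffix) ** len(suffix)
            best = guesses if best is None else min(best, guesses)
    return best


def estimate(password):
    """Return (guesses, entropy_bits) using the cheaper of the two attacks."""
    guesses = brute_force_guesses(password)
    by_word = dictionary_guesses(password)
    if by_word is not None:
        guesses = min(guesses, by_word)
    return guesses, math.log2(guesses)


if __name__ == "__main__":
    # Constructed samples; "OuamdwIpwaw" stands for initials of a memorised line.
    for pw in ("password", "passwordAMAZ", "OuamdwIpwaw", "x7#Qm2$v"):
        guesses, bits = estimate(pw)
        print(f"{pw:14} guesses ~ {guesses:.3e}  entropy ~ {bits:5.1f} bits")
```

The brute-force figure is an upper bound: initials taken from a well-known line are not random, so an attacker who tries popular poems and lyrics first would need fewer guesses than the estimate shows.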