We all know how frustrating it can be when you’re asked to update or change your account’s password/s, but it may not always be clear why. Having a strong password policy can avoid a number of dangers like identity and credit card theft. Even with new security technologies like two-factor authentication becoming mainstream, it is still just as important to have a strong password policy. For websites, devices and services that have two-factor authentication, fingerprint readers or other additional security measures, we recommend using those as well as strong passwords.
Limiting Multiple Hacks
It is easy to use the same password over and over since it’s much easier to remember one single word or phrase. However, it also means if one password is compromised, every account you have is now accessible. Changing your passwords frequently will make it so that even if someone does get a password, they cannot use it for multiple accounts.
Prevent Continued Access
Not all hackers will take what they need in one visit and leave. They may access your account/s and continue stealing information over a period of time. By changing your password you can reduce the risk of other people accessing accounts.
3 rules to remember when using passwords:
1. Choose a strong password. (See suggested rules below)
2. Never, ever reuse the same password for any reason, ever.
3. Change your passwords often. (Recommended every month)
Prevent Password Exploitation
If you switch or share computers with other people, or if you get rid of old computers without reformatting, it’s possible that anyone who uses your computer will have access to your saved passwords and accounts. If you have to send a password to someone, do not send it via email. It is relatively easy for an email to be hacked into and read by others, especially if there are unsecured servers involved. If you have no other option than to email someone a password, or if you receive a password via email, change it immediately! This can usually be done in account settings as soon as you log into a service/website.
Note: we do NOT recommend sharing passwords at all; this exponentially weakens security, as it creates multiple breach-points. We understand sharing passwords happens, so if you have to do it, perhaps do it via a phone call if you can.
Choosing a Strong Password
When selecting a new password, you want to choose something that can be safe from guessing and hacking. Some basic rules to follow are to ensure your passwords are at least 9 characters, contain a combination of letters, numbers and symbols. Avoid using any personal information such as important dates, addresses’, and don’t use simple words and phrases; if you do, make them grammatically incorrect.
One handy trick we recommend using is coming up with a short word or phrase, and shifting all the keys you type to the right (i.e. an “a” would then turn into an “s” and a “5” would turn into a “6”). For example, the password “butterFly” would turn into “niyyrtG;u.” Another trick is to put a number or symbol in the middle of a word, rather than the beginning or end. For example, “but5terFly” is more secure of a password then“butterFly5.
It may seem impossible to remember strong, unique passwords for every account; instead, we recommend using a password manager like Zoho Vault or 1Password.com, which generates and securely stores secure passwords for you, which are all accessible by remembering one single password.