Passwords are the first, and sometimes last, line of defense when it comes to data security. It’s vital to use strong passwords for all of your devices and accounts. What constitutes a strong password? Here’s a quick refresher:
- The length should be at least 8 characters, with some security experts now recommending 15+ characters.
- The password should include upper and lower case letters, numbers, and special symbols if the system or service will allow it.
- Your password should not be a single dictionary word. One of the most basic hacker attacks involves cycling through dictionary words in an attempt to break a password.
- That said, pass phrases, which combine multiple common but unrelated words into a lengthier phrase, can be extremely secure. For example, you might take the last four street names you’ve lived on and add some punctuation: “Oak 12th Franklin Main!” That pass phrase includes upper and lower case characters, numbers, and special characters (both the spaces and the exclamation point), but it’s considerably easier to remember than a gibberish password like fe@3d?!ERc1#.
- You should use different passwords for different services/devices. One popular hacker strategy is to hack small, minimally secured sites to obtain a list of email addresses and passwords. The hacker then takes those combinations over to more secure websites, like web mail or a banking site, and tries to use them to access more valuable data. Using different passwords insulates you from that type of exploit.
- Never write down your password in an unsecured location. The classic mistake is the sticky note on the monitor with the user’s passwords written on it or, nearly as bad, an unencrypted text document on the computer filled with the user’s passwords. If you need help keeping track of your passwords, use a tool designed for that purpose, like LastPass or KeePass.
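
The checklist above can be turned into a small audit over a set of your own passwords. This is an added example, not part of the original article: the wordlist, the sample vault and the function names are constructed for illustration, and a real audit would load a full dictionary file.

```python
import string
from collections import defaultdict
# Constructed sample data: a tiny wordlist and a made-up vault (service -> password).
WORDLIST = {"password", "dragon", "sunshine", "monkey", "welcome"}
SAMPLE_VAULT = {"forum": "Sunshine1!", "webmail": "Sunshine1!",
                "bank": "Oak 12th Franklin Main!", "router": "fe@3d?!ERc1#"}
MIN_LENGTH, RECOMMENDED_LENGTH = 8, 15  # lengths from the checklist above

def character_classes(password):
    """Return which of lower/upper/digit/symbol appear in the password."""
    classes = set()
    for ch in password:
        if ch.islower():
            classes.add("lower")
        elif ch.isupper():
            classes.add("upper")
        elif ch.isdigit():
            classes.add("digit")
        else:
            classes.add("symbol")  # spaces and punctuation count as symbols
    return classes

def is_single_dictionary_word(password, wordlist=WORDLIST):
    """True for one dictionary word, ignoring case and digits/symbols on either end."""
    core = password.strip(string.digits + string.punctuation + " ").lower()
    return core in wordlist

def audit(vault, wordlist=WORDLIST):
    """Map each service to the checklist items its password fails."""
    services_by_password = defaultdict(list)
    for service, password in vault.items():
        services_by_password[password].append(service)
    findings = {}
    for service, password in vault.items():
        issues = []
        if len(password) < MIN_LENGTH:
            issues.append("shorter than 8 characters")
        elif len(password) < RECOMMENDED_LENGTH:
            issues.append("shorter than 15 characters")
        missing = {"lower", "upper", "digit", "symbol"} - character_classes(password)
        if missing:
            issues.append("missing " + ", ".join(sorted(missing)))
        if is_single_dictionary_word(password, wordlist):
            issues.append("single dictionary word")
        shared = sorted(s for s in services_by_password[password] if s != service)
        if shared:
            issues.append("reused on " + ", ".join(shared))
        findings[service] = issues
    return findings
```

Calling `audit(SAMPLE_VAULT)` shows that "Sunshine1!" meets the character-class rule yet is still a single dictionary word with decoration and is reused on two services, while the pass phrase from the list passes every check.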