What’s My Password Again?
How many of your text messages are one-time passcodes to unlock your accounts because you forgot the password? With the increase in cyber-attacks, companies require more complicated ways to verify that you are trying to log in, not an imposter. The complexities can sometimes feel frustrating, but we comply because the two-factor authentication gives us the illusion that our data is truly secure until the next data breach requires us to change our password.
British Comedian Michael McIntyre performed a hilarious stand-up routine about the early days of the internet when passwords were simple. You probably chose something easy to remember, like your birthday and some combination of your street address, ABC, 123, your child’s initials, or the beloved “password.” Those were the innocent days, but now the internet has become a dangerous place as if browsing online for new shoes is akin to walking down a dark city alleyway with no streetlamps. It’s no use clutching your wallet tightly; the thieves will sneak up on you unobserved. They are always watching. Computers search the web to learn our names, family members, birthdays, addresses (current and past), phone numbers, and more.
Your password is a digital shield protecting your data. You wouldn’t go into battle with tin foil armor, so why would you use weak passwords to enter the cyber minefield? The less complicated passwords of yesteryear are like an invitation for the bad guys to gain access to your secure information. Instead, build solid defensive passwords, and the criminals will keep looking for other, less guarded targets.
What Not To Use
Despite cybersecurity experts’ best effort to educate the public regarding password security. An analysis of over 15 million hacked passwords revealed that the most popular passwords in 2021 are:
Based on the research of common passwords, Cybernews.com identified the world’s favorite year, name, sports team, curse word, city, season, and food. You can see the full list here.
How To Remember?
A memorable password is relatively weak to a cyber-attack. Because a good password is impractical to memorize, most of us used the same password repeatedly or with slight variation. What we thought clever, replacing “a” with “@” and “e” with “3” computers learned too. So, when passwords contain a variant of such information, such as N3wOrle@nsHoneymoon, we think we’re safe when we are not. Unfortunately, it takes a computer virtually no time to figure that out and break in.
A “safe” password is long, random, and unique (used only in one place) – which makes password is almost impossible to memorize. Since you should have a different password for each login, remembering many good passwords is practically impossible for the non-savants among us. So that leaves three options. Write the passwords down manually or use a digital tool to assist with password management or use a passphrase.
What Is A Passphrase
The National Institute of Standards and Technology (NIST) offered recent guidance regarding password creation. Length of password is now considered much more important than password complexity. A passphrase is a combination of at least four random words strung together to make at least 15 characters. The extra length of a passphrase makes it harder to crack while using words instead of symbols makes it easier for you to remember.
Should You Write Passwords Down?
There is some debate among experts regarding writing down or digitally recording password in a spreadsheet. The concern is that it will not be kept safe. If you keep a digital copy, be sure your antivirus software, spyware, and malware remain up-to-date, and your system is scanned regularly. Consider password protecting the file as well. If you make a physical copy of your passwords, keep it in a safe place. If you decide to write them down, password notebooks are available for purchase in your local bookstore; in lieu of that option, you can print off the sample table below or copy it into a spreadsheet to record your passwords or passcodes and the corresponding websites and logins. If you print this list to complete it manually, be sure to store in a secure location.
|Communication (Internet, Cell Phone)|
|Entertainment (Netflix, Disney+, Prime Video)|
|Finance (Bank, Brokerage Account, Credit Cards)|
|Professional (Mailchimp, Zoom)|
|Protection (Insurance companies)|
|Shopping (Amazon, local grocery, department store)|
|Social Media (Facebook, LinkedIn, Instagram, Twitter)|
|Travel (airlines, rental car, hotels, Uber)|
|Utility (Electric, Gas, Water)|
Digital Password Manager
Google Chrome and other web browsers now suggest passwords with random letters, numbers, and special characters. Then, they offer to save those passwords. This benefit is great because you get a strong, encrypted password, and if you use your own password or passphrase, the browser will alert you if it is considered weak. But there are limitations to the browser memory system. For example, the settings can transfer from one device to another, and you may unknowingly be sharing your passwords with another computer because you logged in once. Third-party password managers generally offer more features that can help you keep your passwords safe.
For those looking for an extra level of security, use a highly reputable third-party password manager such as LastPass or Dashlane to store your passwords. These types of password managers live inside your browser as an extension. Two specific features increase the security of third-party password managers over browser managers. The first is your master passphrase, an extra layer of protection above being logged into your browser to protect your password vault. The second feature is multifactor authentication.
Multifactor authentication is the process of obtaining a passcode from an authenticator before gaining access to your vault. You download the app onto your phone and then log in to get a code to enter the third-party password manager on your browser. This level of security is not necessary for everyone. Still, it is something to consider, especially if you find yourself forgetting passwords frequently and you get more one-time password text messages than texts from friends or family.