Passwords are the key to access your online presence, whether it’s your banking accounts, social media or apps on your mobile. Keeping them safe is of the utmost importance, since anyone who has access to them can either steal from your accounts or impersonate you.
Here are a few tips which will keep your passwords safe.
1. Safety in Variety
Never reuse your password. If one site does get hacked, the first thing cybercrooks do is to buy these databases of hacked passwords and try them elsewhere. Always use a fresh one for every new signup.
2. Strong passwords are easy to remember but hard to guess
Despite various recommendations on keeping cryptic passwords, make them long and unguessable, humans are not geared to remember a bunch of random numbers or letters.
A password with a bunch of random words, capitalisations and symbols are easier to remember like gReedy#dOnkey^criEd which is easier to remember than a random Ge8&fg28bn8!
Easily guessable passwords like 12345678901, showmethemoney or mypasswordrocks though they may be long, are not secure. Password crackers use number combinations, dictionary words and phrases from sports or pop culture to break passwords.
3. Keep your passwords in a Vault
If you sign up for new sites, apps and services very often, don’t depend on your skills to recall passwords. No matter how random we think, our random passwords are we tend to end up reusing them across.
Use a password manager like LastPass, 1Password DashLane or KeePass which will help you generate truly random passwords, and help you fill in these password. Most of these integrate well within your favourite browser and have mobile apps.
If you do insist staying low tech and writing your passwords down in a notebook, don’t keep it lying around near the computer. Lock that nice and safe.
4. Lock your Mobiles and Laptops
If you use password managers on your mobile or laptops, always set a screen lock with a password to unlock it when you’re away. What’s the point having your passwords safe in an app, by your laptop open for anyone to steal your passwords?
5. Give unknown apps and public computers and WiFi a miss
Do not enter your password on a public computer, like the ones in an internet centre or other’s mobiles. If an unknown app or website asks you your email, banking or social network’s account details, do not enter it there. If you connect to a public Wifi like the ones at a coffee shop, hotel or airport, do not type in your passwords since we don’t know who’s snooping around on those networks. If you really have to use a public Wifi, use a VPN service to secure your connection.
6. Use the Second Factor of Authentication
Second Factor Authentication (2FA) is a fancy name for a One Time Code (OTP) which sites or banks send you on your mobile or email to gain access to your account. Where ever possible, enable 2FA on your account, so even if your password gets compromised, people cannot gain access to your account without entering the code.
7. No Passwords and OTP over phone calls
Despite how urgent the call may seem, do not share your passwords, ATM pins or OTPs over the phone. Banks or sites never ask for this over the phone. Even if the person says that he’s an authorised bank employee, don’t do it! It’s surprising how often these phishing attempts take place.
I’ve had seemingly genuine callers from banks and insurance agencies ask me to verify my date of birth, phone numbers and OTP codes which appear on my mobile over the phone. I end up telling them that I’ll go over to the offices to do any verifications.
Image Credits: Public Domain Images from stocksnap.io