Are you making one of these 4 password mistakes?
How strong do you think your passwords are? No, that doesn’t mean, “have your password been hacked yet?” – those are not the same questions. While you may not have had an account hacked into because of an easily guessed password yet, that’s not to say that you shouldn’t still consider your passwords carefully. Or, even better yet, have a Password Manager handle the matter for you.
Despite the fact that passwords are the most direct way to access a user’s private information, most passwords in use today are not considered to be strong or complex enough.
Passwords protect email accounts, banking information, private documents, administrator rights and more – and yet, user after user and business after business continues to make critical errors when it comes to choosing and protecting their passwords.
We all know how frustrating it is when trying to pick a password for a new account you’re setting up and the site keeps telling you it doesn’t meet all the criteria…
It needs to have numbers.
It needs to have symbols.
It needs to be a certain length.
It can’t be the same as your last password.
And on and on. It feels like this never ends – and really, is all this fuss over passwords truly necessary?
Yes – in fact, just last year a report showed that 86% of more than 2 million breached passwords were identical to passwords that had already been breached.
How is this possible, if everyone’s passwords are long, complex and unique?
Hint – they’re not.
The top 10 most common and repeatedly breached passwords in this report include:
The question is – are any of the above one of your passwords? Even if they’re not, are you making a similar error with any of your passwords?
Let’s find out.
Are making these mistakes with your passwords?
Find out for sure by considering these 4 common password mistakes:
- Length and Complexity: Keep in mind that the easier it is for you to remember a password, the easier it’ll be for a hacker to figure it out. That’s why short and simple passwords are so common – users worry about forgetting them, so they make them too easy to remember, which presents an easy target for hackers.
- Numbers, Case, and Symbols: Another factor in the password’s complexity is whether or not it incorporates numbers, cases, and symbols. While it may be easier to remember a password that’s all lower-case letters, it’s important to mix in numbers, capitals, and symbols in order to increase the complexity.
- Personal Information: Many users assume that information specific to them will be more secure – the thinking, for example, is that your birthday is one of a 365 possible options in a calendar year, not to mention your birth year itself. The same methodology applies to your pet’s name, your mother’s maiden name, etc.
However, given the ubiquity of social media, it’s not difficult for hackers to research a target through Facebook, LinkedIn, and other sites to determine when they were born, information about their family, personal interests, etc.
- Pattern and Sequences: Like the other common mistakes, many people use patterns as passwords in order to better remember them, but again, that makes the password really easy to guess. “abc123”, or the first row of letters on the keyboard, “qwerty”, etc., are extremely easy for hackers to guess.
Ready to put your passwords to the test?
It’s one thing to skim over a list of common password mistakes and assume you’re probably still OK.
Sure, maybe that one password is based on your pet’s name, or maybe that other password doesn’t have any capitals or numbers – what’s the big deal, really?
If you’re so confident, then why not put it to the test?
Click here to test how secure your password is – take a few minutes and try a few.
How’d you do?
Probably not as well as you’d hoped, right? The reality is that truly complex passwords can be difficult to come up with, and even more difficult to remember.
That’s why a Password Manager is so useful…
What is a Password Manager?
One of the best ways to maintain complex passwords is with a password manager. Password managers are the key to keeping your passwords secure.
A password manager generates, keeps track of and retrieves complex and long passwords for you to protect your vital online information. It also remembers your PINS, credit card numbers and three-digit CVV codes if you choose this option.
Plus, it provides answers to security questions for you. All of this is done with strong encryption that makes it difficult for hackers to decipher.
Which Password Manager should you choose?
That’s a bit of a difficult question to answer.
To start, the most popular Password Manager available today is likely LastPass. This solution consistently ranks high against its competitors‘ thanks to its free, premium and family versions, a range of features, and pedigree of quality. More than 13.5 million people and 43,000 businesses use LastPass and its range of features:
- This manager creates long, randomized passwords that protect against hacking
- It will sync your passwords with all of your devices, including your smartphone
- This will save you time when shopping online by completing forms with my address and phone number
- It also provides two-factor authentication using my mobile device
- Storage for unlimited logins
- Automatic form completion
- Biometrics (finger and thumbprint reading) for access
Premium membership for LastPass costs $36 a year ($4 a month) and includes password sharing with those you designate. This membership also provides priority technical support if you need assistance.
However, there’s a catch – as LastPass is likely the most popular choice, it also makes it the most enticing target for cybercriminals.
Think about it. If a criminal is going to try to break into a “vault” (whether it’s full of passwords or gold bullion), they’ll probably go after the one with the most valuables in it, right?
That’s the double-edged nature of popularity in the cybersecurity industry.
The more users, the more data, the bigger the target. However, don’t forget that with more users comes the ability to further enhance their defenses and develop robust security to protect them.
How do you set up a Password Manager?
Using a password manager is pretty simple. When using LastPass (or even one of its competitors like Dashlane or 1Password), you simply download and install the software. You must also download and install the extensions for the different browsers you use.
If you want to use these password managers on your smartphone, you must download their mobile apps. None of this is complicated and should only take a few minutes.
To set up an account, you must provide your email address, and you’ll also need to come up with a master password—a long, random, complicated one, along with at least one security question. Then you must provide information about your various accounts.
You can either import passwords that you have stored in your browsers or let the password manager store your username and password when you log in to a website. Once you get started, the password manager will help you along the way.
Do you really need a Password Manager?
Honestly? Not necessarily, depending on who you are.
You do not need a Password Manager if you can do the following on your own:
- Create long, complex, unintuitive strings of characters, unique for each account you access on a regular basis
- Memorize each and every one of these passwords
- Update them on a regular basis
If you’ve got a photographic memory, then yes, maybe you can get by without a Password Manager.
But for the rest of us? A Password Manager does the difficult and necessary work of remembering legitimately secure passwords for us – all you have to do is remember that one master password.
In the end, creating and using strong passwords can be frustrating, but it’s incredibly important. Privacy and security are major concerns for personal users and businesses alike these days, and so you have to be sure that you aren’t making it easy for hackers to access you or your business’ private data.
Like this article? Check out the following blogs to learn more about password management:
Password Management For Law Firms (Questions/Answers)