Here are 5 basic tips that can help improve your password security
The longer the password the more secure it can be. Each addition character makes the password exponentially more secure.
It’s mentioned above that longer passwords can be more secure, if the long password is actually a word that is in the dictionary then it isnt very secure at all, as it will be easily broken by a simple dictionary attack. So don’t use actual words, locations or personal information when creating your password.
Wherever possible use numbers, upper and lowercase letters and special characters. A password of just numbers means that there are only 10 options for each character of the password whereas if you use all of the options available there would be around 95 options per character.
- Don’t reuse your passwords
If a password expiry notice pops up at work or similar, the temptation is there to reuse the password you currently use or to switch back to a password you were using previously. The more secure thing to do is to create a brand new password each time this happens.
- Different passwords for different sites
It seems to be very common that people create a strong password and decide to use the same one for all their accounts. Doing that is actually less secure than using simple but different passwords for all of your accounts. Even if it is a really secure password all it takes is one of the sites that you have an account with to fall victim to a data breach and for your password to be leaked online, giving criminals the password to all of your online accounts.
- Don’t share your passwords
Only you should know your password and it shouldn’t be written down or stored/’hidden’ in a file somewhere on your computer. Remembering different secure passwords that you have created can be very difficult, there are password managers are available but they come with there own pros and cons.
- Wherever possible use two factor authentication
This will protect your accounts even if you password is compromised. It works by confirming the user is who they say they are by sending a confirmation code or similar to a device, such as a mobile, of the account holder.