For every account, there is a password.
The trouble is, you probably have a lot of accounts. In an increasingly digital world, people are signing up and assigning passwords like never before. But if someone gets hold of one of your passwords, your personal information, finances or data could be at risk.
In fact, according to Verizon’s recent Data Breach Investigations Report, compromised passwords are the cause of 81% of hacking-related security breaches.
With so many to hold onto and keep track of, it’s no wonder that most people let their password security upkeep fall through the cracks. So, what can you do to make sure your passwords are in safe hands? Here are a few best practices to be aware of in 2021.
Significantly longer passwords are the way of the future
For a long time, you were probably told to make your passwords more complex. That method worked — for a while. Today, hackers are more skilled, specialized and capable of cracking complexity.
This is why the National Institute of Standards and Technology (NIST) recently updated their guidelines to suggest shooting for a better password length instead. Decryption tools have a much easier time cracking shorter passwords, even if they’re very complex. This is because longer passwords inherently have far more permutations, or possibilities, to sort through.
Use multi-factor authentication whenever possible
Multi-factor authentication (MFA) is a technology that is designed to require two or three points of independent authentication. In other words, MFA uses a system where passwords are not enough for entry.
The system requires an additional method; either a security token, like a code, or biometric authentication, like a thumb-print. Smartphones, for example, often use all these methods in combination. MFAs provide an added layer of security to your accounts so that even if a password is compromised, your data may still be safe from hackers.
Never reuse passwords
One of the biggest mistakes you can make is reusing passwords. If one of them is stolen, you risk jeopardizing any other account to which that password has been ascribed.
As many as 66% of people reuse passwords across multiple accounts, according to research by Google and Harris Poll. By simply using unique passwords and never doubling-up, you can avoid ever allowing one security breach to rollover into another.
Don’t use personal information
With so much personal information already readily available, you’re better off not putting any in a password. Otherwise, you risk making an attacker’s job much easier when attempting to crack into your account.
Generally, the same goes for password hints. You are better off not putting any personal information in any hints, either, for the very same reasons. The NIST, in fact, also warns against these practices in their updated guidelines.
When you change a password, change it entirely
Too often, when somebody is prompted to change their password they hardly change it at all. Instead of setting a completely new word altogether, they’ll simply change or add a number at the end.
“Password1,” as it turns out, meets most complexity requirements that currently exist. Remember, length and distinction are far more important than ease or memorability.
With so many passwords, keeping them all secure is no easy task. But if you follow these best practices, you’ll be well on your way to digital security.