Coming up with complicated new passwords for online accounts can be a real hassle. You often need the correct mix of upper and lower case letters, numbers and special characters, and memorizing them all can seem like an impossible task.
Here, we’ll share some tips on how to manage all of your passwords, as well as some techniques for generating varied and secure passwords for your accounts.
1. Don’t use the same one on everything
It’s obvious, but it bears repeating. You’d be surprised how many people have just one password and use it for all of their accounts. While this certainly makes it easier to remember, it also means that if any one account is hacked, all of them are effectively compromised if you also use the same email address or username.
As tempting as password reuse may be, it’s important to make sure you have a diverse collection of passwords to make it difficult for hackers.
This can be too daunting for many people, because keeping track of so many passwords is just too inconvenient. This leads to dangerous behavior, as reported by Naveed Islam, head of information security at payment service provider Dojo.
“Passwords are the digital keys to just about everything on the web, from checking email to online banking. The rise of online services has led to a proliferation in the use of passwords. This has led to password fatigue – the feeling felt by many people who have to remember an excessive number of passwords as part of their daily routine. People reuse the same password across multiple websites, using simple and predictable password creation strategies. Attackers exploit these well-known coping strategies, leaving individuals vulnerable.”
Security and convenience are not easy things to line up, but hopefully if you can adhere to some of the suggestions below, you can at least mitigate the risk.
2. Do not use information that is easy to guess
A common way to remember passwords is to use birthdays, pet names, your mother’s maiden name, and most often a combination of these.
It might sound smart, but for anyone serious about breaking into your account, these are some of the first things they’ll try. Also, these are usually the kind of questions you get asked when filling out forms or even taking silly quizzes on Facebook and other platforms. So even if you think only you know this information, chances are it is available on the internet.
The trick with passwords is to be as random as possible, so associating them with information that directly concerns us is not a good idea.
3. Do not use any of these common passwords
Every year, various researchers publish the most used (and usually cracked) passwords that people think protect their data. Unfortunately, the same ones tend to pop up quite regularly. Here is the list of the most commonly used passwords in the United States in 2022, as reported by Dashlane, and it’s truly amazing that anyone still chooses them.
- Password
- 123456
- 123456789
- 12345678
- 1234567
- Password1
- 12345
- 1234567890
- 1234
- Qwerty123
It won’t be long before this list changes, as many of these mediocre efforts no longer pass on websites that require special characters, numbers, and other things. Either way, if you use one of these passwords, change it immediately.
4. Avoid themes
As mentioned above, you’ll want the elements you base your password on to be as neutral as possible, as this helps keep personal information and obvious patterns of letters and numbers out of it.
A recent report by Dojo described the most commonly hacked passwords around the world and the top themes they belong to. Here are the top 10:
- Pet names/terms of endearment
- Names
- Animals
- Emotions
- Food
- Colors
- Big words
- Shares
- Family members
- Car brands
So if you want to create better and more secure passwords, avoid using them as inspiration.
5. Use two-factor authentication
Most major sites and apps now offer support for two-factor authentication when logging in from a new device. This usually involves getting a verification code via text message to your phone or using a verification app.
The idea is that the hacker needs your physical device to be able to access your account, which is much rarer than a simple software hack. It’s a bit complicated, but absolutely essential if you want to protect yourself from potentially weak passwords.
6. Good rules for a strong password
The more you mix upper and lower case, special characters (such as $%^&), and numbers, the better. Also start your password with a number.
You’ll find a variety of suggestions for creating a password you’ll remember, such as the first letters of a common phrase, music lyrics, or whatever else you’ll remember.
And replacing letters with numbers is another tactic. For example, use 0 instead of o, 1 instead of I, 4 instead of A, 3 instead of E, and special characters such as @ instead of o or a.
For example, bigbrowndog becomes b1gbr0wnd@g.
It’s not too hard to remember or type. And you should also capitalize the first b, or even each individual word for an even stronger password.
It’s best to avoid short passwords, as they require less work to crack. Also avoid combinations, such as the initials of yourself or your family or business, as patterns are things that can be hacked faster than random items.
Nicknames, endearments, brand names, and even your star sign can give you away, so avoid them if possible.
Truly random passwords can be very difficult for people to create, because our memories are trained to remember things through some sort of pattern or association. Luckily, you don’t have to do all the work yourself, as there are tools available that can do the job easily and probably more securely.
7. Use a password generator
The fastest way to find a long and strong password is to use a generator. These apps (which can also be found on websites) will automatically generate random passwords that can include any mix of characters at whatever length you need. They are usually free and very easy to learn.
The free Bitwarden password manager, for example, includes such a generator.
You can read more about using a password generator.
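To show what such a generator does under the hood, here is an added example (not code from Bitwarden or any other product named on this page) that draws characters from a cryptographically secure random source and checks a password against the rules above. The default length of 20, the 12-character minimum and the symbol set are assumptions chosen for illustration.

```python
import secrets
import string

# Character classes named in the article: upper and lower case, numbers, special characters.
CLASSES = (
    string.ascii_lowercase,
    string.ascii_uppercase,
    string.digits,
    "!$%^&*@#-_",  # assumed symbol set; adjust to what a given site accepts
)

# The commonly used passwords listed in section 3 (compared case-insensitively).
COMMON = {
    "password", "123456", "123456789", "12345678", "1234567",
    "password1", "12345", "1234567890", "1234", "qwerty123",
}


def generate_password(length=20):
    """Return a random password containing at least one character of each class."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every character class")
    # One guaranteed character per class, the rest drawn from the full alphabet.
    chars = [secrets.choice(c) for c in CLASSES]
    alphabet = "".join(CLASSES)
    chars += [secrets.choice(alphabet) for _ in range(length - len(chars))]
    # Shuffle with the OS CSPRNG so the guaranteed characters are not at fixed positions.
    secrets.SystemRandom().shuffle(chars)
    return "".join(chars)


def weaknesses(password, min_length=12):
    """Return the reasons a password fails the rules (empty list means it passes)."""
    problems = []
    if password.lower() in COMMON:
        problems.append("on the common-password list")
    if len(password) < min_length:  # min_length is an assumed threshold
        problems.append("shorter than %d characters" % min_length)
    missing = [c for c in CLASSES if not any(ch in c for ch in password)]
    if missing:
        problems.append("missing %d character class(es)" % len(missing))
    return problems


if __name__ == "__main__":
    pw = generate_password()
    print(pw, weaknesses(pw))
    print("Password1", weaknesses("Password1"))
```

The `secrets` module is used instead of `random` because the latter is predictable and not meant for generating credentials.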
8. Use a password manager
We believe the best way to deal with the growing need for more complex passwords is to use a password manager. These will act as a central hub for all your login information, automatically generate new random passwords for your accounts, and auto-fill login fields on apps or websites on your behalf.
The best part is that you only have to remember one password for the service itself, and then the password manager does everything else.
Some of the most popular services include Dashlane and 1Password, but you can check out our current picks in our roundup of the best password managers.
You can also let your web browser or your phone save credentials for you. But neither is truly universal, and they won’t log you in on all your devices and in all apps. This is why a password manager is the best option.