Beyond Strong Passwords
On the internet, your passwords are the keys to your entire digital life. Equipped with your login information, you have the power to manage your money, send and receive private emails and messages, manage your utilities and cell phone, look up a friend’s phone number or address, go on an online shopping spree, and more.
And so does anyone else who gets their hands on your passwords.
Passwords are one of the most important safeguards that a person can have between private information and cyber criminals.
But are you doing what you need to keep them safe?
Here’s Why Your Passwords Aren’t Safe
The number one threat to your passwords are hackers and other cyber criminals.
These are people who create programs and codes that enable them to breach the security measures of private and professional systems. Once the systems are breached, these criminals, or hackers, can steal passwords and other vital information. Equipped with your login information, they can steal your money or open up new lines of credit, use your identity to cover their own crimes, or sell your personal info to the highest bidder.
Fixing the damage of a lost password isn’t as easy as just updating your login information. Once a hacker lowers your credit score or steals your identity, it can be very difficult to fix the damage.
That’s why it’s crucial to learn how to keep your passwords safe from hackers to begin with.
How Do Hackers Learn Your Passwords?
Common threats to your password security include various types of malware and viruses that can infect your computer through emails, email attachments, or malware installed from websites or online advertisements.
An example of this is the Heartbleed bug, which breached the security of many businesses, including financial institutions. The bug was designed to create a vulnerability in OpenSSL encryption software, which is ironically meant to secure websites and data entered on those sites.
Malware that infects your computers often includes keylogging software, which stealthily runs in the background of your computer and keeps track of every key you press. A log is created and then sent to the hacker.
Logging into websites via a wireless connection can be hazardous. Unencrypted wireless access spots, such as those at Internet cafes or coffeehouses, are the most dangerous, since hackers can more easily snoop on what you’re doing online.
Take care when accessing websites pertaining to medical care, banking, or other services that deal with sensitive personal information. If you must use a wireless connection for services that involve personal information, you should change your password as soon as you get to a more secure network, such as at home.
You should also beware of transmitting personal information across sites that don’t use encryption. A website that uses encryption will have an "https" prefix on its Internet address, instead of an "http" prefix. The web browser may also display a lock icon at the bottom of the window or by the Internet address box.
Users should also think about ways to protect their passwords from being discovered by unauthorized people in person as well. Leaving passwords on sticky notes is one example of a security mistake that some people make, and another is speaking passwords out loud. When typing in passwords, users should take steps to make sure that others cannot see their keystrokes.
How to Create Safe and Secure Passwords
There are a few principles to keep in mind when creating passwords. They should be:
- Difficult to guess;
- Changed regularly.
People who use a single password for more than one online account are more vulnerable to an attack: if their password is compromised, the hacker now has potential access to all of those other accounts as well. Be sure to use a unique password for every site.
When creating a new password, an important guideline to follow is to create each password so that it’s unique and includes eight or more characters. Ideally, these characters should be a blend of lower- and upper-case letters, special symbols, and numbers. Users should create a password that is easy for them to remember but hard for others to guess.
When creating a password, people should avoid using things such as pet or family names, birthdays, or numbers in a sequence (eg 12345).
It is also important for people to change passwords on a routine basis; ideally every three to six months. Also, use an antivirus and firewall program and make sure that they’re up to date with the latest patches and virus definitions. These programs help to shield computers from viruses, which may install keyloggers to capture passwords as they are being entered.
Someday, All These Passwords Won’t Be Necessary
Since the beginning of the Internet Age, login names and passwords have been the most common method by which computers authenticate users and establish their right to access a given website or other resources on the Internet.
But as technology develops, better methods for authenticating users are becoming more common.
Fingerprint biometrics, facial recognition, iris scans, and voice recognition are no longer the realm of science fiction. It’s only a matter of time before this technology becomes more accessible to the public, and we no longer have to worry about remembering dozens of passwords.
Until the day we all use biometric scans, here are some resources to keep your login information safe!
Threats to Your Password Security
Here’s why your passwords are in constant danger.
- Heartbleed Web Security Bug: What You Need to Know: a guide on this bug that put thousands of people’s data at risk.
- Latest Breaking News Articles on Data Security Breach: a blog on the most recent threats to your password security online.
Creating Secure Passwords
What exactly makes a password strong and secure? Here are the facts.
- How to Create the Perfect Password: a handy infographic we’ve developed to get you started creating strong passwords.
- Guidelines for Strong Passwords: characteristics of strong passwords, and plenty of examples and tips for you from Lafayette College.
- Security Awareness Topics — Passwords: a guide from the State of California on keeping your password secure.
- Choosing and Protecting Passwords: a quick guide on creating good passwords from the US Department of Homeland Security.
Staying Safe Online
Here are some more general tips on keeping your passwords safe while using the Internet.
- Internet Security Tips, Straight From BCU's Network Director: Briar Cliff Network Director Darrin Fangman shares some tips for safeguarding your information.
- 101 Data Protection Tips: How to Keep Your Passwords, Financial, and Personal Information Safe: a detailed guide on protecting your personal information online.
Browsing the Web Safely
While the resources here might seem overwhelming, it’s not difficult to keep your information private as long as you understand the basic principles of password safety.
Further Reading and Resources
We have more guides, tutorials, and infographics related to using the internet safely:
- Is the Password Dead?: this infographic looks at the future where we no longer need passwords.
- 8 Ways to Create (And Remember!) Secure Passwords: creating great passwords that you can remember isn't as hard you might think.
- 8 Worst Security Breaches: even the pros get hacked. Find out about the eight biggest security breaches on the internet.
How to Create the Perfect Password
Confused about how to create a great passowrd? Check out our infographic, How to Create the Perfect Password.