Your passwords are worse than you think (and the easiest way to fix them)

Please be happy. Today is World Password Day.You never take a break from work, but you conduct Recall that security can be very at risk. WorldPasswordDay is required if you want to recycle the same password for multiple accounts (don’t lie, I think), or if you want to use a simple password for “easy to remember” reasons.

Google conducted a survey of 4,000 American adults to understand the steps to keep their digital life safe. In short, they don’t. Studies show that nearly 40% of Americans have dealt with personal data breaches, but 20% admit that they use basic passwords that anyone can guess. Want to be a hacker? Choose 5 people: One of them uses something like a “password” to log in.

To make matters worse, more than half of respondents use personal information such as names, birthdays, partners, children, friends, family and pet names for passwords, and 65% re-password to various accounts. I answered that I am using it. This is bad news..

What is a good password?

Let’s start with the password itself, This should be two things: Strong and unique. A strong password is one that is difficult for both humans and computers to guess. It’s much more obvious how to create a tricky password to keep out roommates than to keep out hackers with a brute force attack (simply throwing a password after the password in the system until it matches).

If your password consists of common dictionary words, your computer will guess the password, even if you cleverly replace some of those letters with numbers or special characters. Hackers understand “t3l3v! S! 0n” as quickly as “TV”. Because their computers know to look for those tricks.

Traditionally, the best approach has been to use large randomized passwords. nobody Guessing a password like “Sj12 # 8) 23 & $ k51 * as.x * 3rffalwo @ 74d * 23” can take a considerable amount of time for the computer to crack the password.

But you don’t really necessary Create a password that is a hassle to remember. Passwords that use short strings of random words can be virtually difficult to crack in use cases. XKCD has a well-known web comic on this topic: “Correcthorsebatterystaple” is a strong password that is not difficult to remember.Humans certainly do not guess such passwords, computers far It’s too long to execute a dictionary word before it can crack it.

I’m a big fan Computerphile video Extend these ideas.

Password manager can do all the hard work for you

However, strong passwords are only part of the equation. You must use a strong password that is unique to each account. Decrypting the new password is certainly difficult, but I never have Please use it multiple times. Decrypting a password is not the only way to understand it. If a clumsy company is hacked, the password can be leaked. When that happens, hackers test the password on every possible account, and if it’s reused, it’s secure.

Therefore, it is best to use a unique password for all accounts. However, you do not have to perform the above steps for every login. If you use a password manager, you only need to worry about this password procedure once. Password managers such as Bitwarden and LastPass can automatically create a strong and unique password for each account and store it in an encrypted folder that can only be accessed with the master password. You only need to create one strong and unique password to remember, and you will always have access to your entire library of passwords.

If you’re looking for recommendations to get started, See this list..

The password is only valid until someone understands it

OK, so we know that password managers keep strong and unique passwords and protect them with one strong and unique master password. However, these passwords should not just exist forever. As already mentioned, a company hack can crack or leak your password. This certainly emphasizes the importance of not reusing passwords (seriously, do not reuse passwords), but it also emphasizes the need to change passwords from time to time.

This is not a fun process, but it is the only way to ensure that compromised passwords are not used against you. Even if a malicious attacker somehow gets your bank password, it doesn’t help if you change its credentials during a routine inspection.Many password managers have a link to the website in question so you can change your password quickly, but some password managers Like DashlaneEven better, you can change your website password at any time.

Always use 2FA when possible

In addition to proper password practice, you should use 2FA (two-factor authentication) whenever it is offered. More and more accounts and services are using 2FA as a second line of defense for security, for good reason.

So far I’ve talked about 2FA in detailHowever, here is a review. After using 2FA to enter the password correctly into your account, you will need to present the code from a trusted device to fully authenticate yourself. This code is usually sent via SMS or from the authentication system app via a generator. Some password managers have this code generator built in, so you can keep your security practices in one convenient place. Enter the code and you’ll be in — if you don’t have the code, you’ll be out.

With 2FA, password leakage does not completely compromise your account. Hackers can enter as many correct passwords as they need, but if they don’t have access to the 2FA code, they will sink. As a result, 2FA scams are on the rise, Do not share 2FA code with anyone.. Companies and services that use 2FA I never have Request these codes without prompting. If you suddenly receive a phone call or email from these “organizations” asking you to verify your 2FA code to prove your identity, ignore it.

We were able to go all day on the various steps you can take to keep your digital life safe. However, following these passwords and 2FA tips can be very helpful and have great benefits. Use strong and unique passwords, set up 2FA and do not share those credentials with anyone. Then you can celebrate. World Password Day every day Day.