Top 5 Bad Password Habits
Passwords are undoubtedly the core authentication layer on all of our accounts. Unfortunately, recent statistics have shown that bad password habits leave them open to serious compromise.
- Using the same password everywhere – Analysts estimate that some 50% of people on the Internet are still using the same password for all of their logins. This is one of the riskiest things you can do online – with massive breaches affecting more consumer websites and services, it’s only a matter of time before one (if not more) of your online accounts gets compromised. If you use the same password across multiple websites, it only takes one website leak for someone to get access to your other online accounts, and jeopardize your identity.
- Never updating passwords – When was the last time you updated the password for your email accounts? How about your online banking and other financial accounts? Or your social networking accounts? Having strong passwords is just as important as regularly changing those passwords, especially if the same password has been used on more than one account.
- Having short passwords – Shorter passwords (using personal information and/or dictionary words) are easier to crack, which is why you should be using passphrases instead. According to NIST guidance, one should consider using the longest password or passphrase permissible (8–64 characters) whenever possible. The longer (and more random) they are, the harder it will be to crack them.
- Storing passwords in the browser – Storing passwords in your browser might be convenient, but it’s not sufficient to keep your passwords and online accounts protected. Any vulnerability in the browser or a browser extension (plugins/add-ons) can compromise the browser’s password manager, so use a dedicated password manager instead!
- Sharing passwords too freely – At some point you’ve probably had to share a password. It could be a WiFi login with your house guests, or accounts to pay online bills with your spouse, or a login with your business partner. Whatever the case, passwords should be shared sparingly, and only with those you trust. When the person no longer needs the password, it should be updated immediately.
There is no perfect solution for avoiding bad password habits. Writing down passwords and storing them somewhere safe (e.g. in a safe) can have its own downside as well. Nonetheless, however you choose to store your passwords, there are certain measures which can help.
- The foremost thing is to choose a STRONG PASSWORD, or should we say: a PASSPHRASE. The following comic strip sums it up well.
- Always use a safe (e.g. an encrypted channel) & trustworthy medium (e.g. not known for having/planting backdoors) for sharing your password with someone. If possible, give it to the other party in person.
- Don’t store written copies of your password (e.g. on sticky notes, your work diary, or on the back of your keyboard). But if you really have to use it temporarily or access it from a written source, be sure to store it in a safe place.
- Keep in mind the length and complexity of your password. Sites like https://howsecureismypassword.com, https://password.kaspersky.com and http://www.passwordmeter.com/ give you a good reading on how long it would take to crack your password.
- Sites like https://haveibeenpwned.com and https://breachalarm.com let you check if your account has been compromised in various data breaches. If you think your account has been compromised, reset your password immediately.
- Before choosing a password, services like https://haveibeenpwned.com/Passwords allow you to check if the password you are about to choose has already been discovered in a data breach.
Above are just a few practices which you can apply to protect and safeguard your password. By doing so, you will be able to reduce the chances of your online accounts getting compromised.
– Mailfence Team