Top 5 Bad Password Habits
Passwords are undoubtedly the core authentication layer on all of our accounts. Unfortunately, recent statistics have shown that they can get compromised severely due to bad password habits.
- Using the same password everywhere – Analysts estimate that some 50% of people on the Internet are still using the same password for all of their logins. This is one of the riskiest things you can do online – with massive breaches affecting more consumer websites and services, it’s only a matter of time before one (if not more) of your online accounts gets compromised. If you use the same password across multiple websites, it only takes one website leak for someone to get access to your other online accounts, and jeopardize your identity.
- Never updating passwords – When was the last time you updated the password for your email accounts? How about your online banking and other financial accounts? Or your social networking accounts? Having strong passwords is just as important as regularly changing those passwords, especially if the same password has been used on more than one account.
- Checking the “Remember Me” option – Many websites give you the option to remember your username and password. They might also keep you logged in on the website for as long as possible. The danger here is that you’ll likely forget the login details if you have the website remember it for you without securely storing it elsewhere, and/or anyone with direct access to your computer will have no trouble getting to your accounts – not to mention that ‘Session Hijacking’ or other types of likely attacks could also occur.
- Storing passwords in the browser – Storing passwords in your browser might be convenient, but it’s not sufficient to keep your passwords and online accounts protected. As any vulnerability in the browser/browser extension (plugins/add-on’s) can lead to compromising browser password managers, use a password manager instead!
- Sharing passwords too freely – At some point you’ve probably had to share a password. It could be a WiFi login with your house guests, or accounts to pay online bills with your spouse, or a login with your business partner. Whatever the case, passwords should be shared sparingly, and only with those you trust. When the person no longer needs the password, it should be updated immediately.
There is no tip-top solution to avoid bad password habits. Writing down passwords and storing them somewhere safe (e.g. in a safe) can have its own down-side as well. Nonetheless, whatever the way you would like to store your passwords – there are certain measures which can help.
- The foremost thing is to choose a STRONG
PASSWORDor should we say: a PASSPHRASE. The following comic strip sums it up well.
- Always use a safe (e.g. an encrypted channel) & trustworthy medium (e.g. not known for having/planting backdoors) for sharing your password with someone. If possible, give it to the other party in person.
- Don’t store written copies of your password (e.g. on sticky notes, your work diary, or on the back of your keyboard). But if you really have to use it temporarily or access it from a written source, be sure to store it in a safe place.
- Keep in mind the length and complexity of your password. Sites like https://howsecureismypassword.com, https://password.kaspersky.com and http://www.passwordmeter.com/ gives you a good password reading on how long it will take to crack your password.
- Sites like https://haveibeenpwned.com and https://breachalarm.com lets you check if your account has been compromised in various data-breaches. If you think your account has been compromised, reset your password immediately.
- Before choosing a password, services like https://haveibeenpwned.com/Passwords allows you to check if the password you are about choose has already been discovered in a data breach.
Above are just few practices which you can apply to protect and safeguard your password. By doing so, you will be able to reduce the chances of your online accounts getting compromised.