Earlier this year, global consulting firm Deloitte released a report that found that more than 90% of user-generated passwords are vulnerable to hacking.
The report, which was prepared by Deloitte’s Canadian Technology, Media & Telecommunications arm, said even passwords generally considered strong such as ones with eight characters and a combination of numbers, letters and symbols are at risk, leaving your personal and financial information exposed. But what with passwords for nearly everything—from your bank card to your LinkedIn account, it would seem a daunting task to protect them all.
But it is possible, says Morgan Slain, CEO of productivity apps maker SplashData.
“These days, your most valuable asset is digital information,” he explains. “Just think of the implications if someone got access to your usernames, passwords, email, and online accounts.”
For starters, don’t make yourself a target for hackers. Hackers look for people who, as Slain points out:
• Use the same passwords over and over again on different sites
• Use short passwords of less than 7 or 8 characters
• Don’t change passwords often
• Write down passwords or put them in an unprotected document
So how can you protect yourself? Follow a few simple rules, says Slain.
Avoid The Obvious: Using your name, pet’s name or nickname are common no-nos. “Don’t use a password that anyone who knows you might be able to guess. So forget about birthdays, names of spouses or kids, team names, or phone numbers…these are among the first a hacker might try,” says Slain.
For Your Eyes Only: Don’t share your password with anyone. Not that a friend or colleague will misuse your password, but they might leave it vulnerable for hackers to discover.
Be Aware Of Your Surroundings: Make sure no one is “shoulder surfing” when you are entering your password into any device. Just by peeking over your shoulder, they can figure out what keys you have typed. In public, always cover your hand when entering your password.
Do The Combo: Use a password that is a mix of letters, numbers and other characters. But make sure it is something you can remember. “Make it easy for yourself by using something you can remember, putting a zero in place of the letter O, using a 1 instead of an L, and adding exclamation points or questions marks. Such as: 0my1ord! or d0g8f00d?, explains Slain.
More Than One Word, Please: Avoid using single words. “Hackers can employ so-called ‘brute-force’ attacks that quickly try every word in the dictionary, so even long words are not safe,” says Slain. Instead, use multiple words from the dictionary and separate them by spaces or other characters. “These passwords are easy to remember and are surprisingly secure, even if the words are relatively short. Just don’t use common phrases. Examples of strong passwords like this would be ‘try-the-pears’ or ‘jack up my car’,” says Slain.
Remembering Made Easy: If you just have too many passwords to remember them all, Slain suggests using reliable password software such as SplashID Safe, Roboform, or 1Password. “These applications enable you to store and organize passwords and other sensitive information in a secure encrypted database on your computer or smartphone. Just make sure your master password to access the safe is very secure,” he says.