Password “security” – what value does it really have for you? That depends on how much you value your identity. In today’s society, the term is overused to the point of us becoming desensitized to the importance of keeping our passwords secure. We tend to ignore the warnings and suggestions to keep our personal and work identities safe. I still encounter work computers with passwords on Post-It notes visible to anyone in the vicinity. Worse yet are those computers with shared or non-existent computer login passwords and phones without passcode protection. As we head towards the New Year, make a security resolution to protect yourself. Below are some easy suggestions and definitions to help you stay virtual safe in 2019.
As devices get smarter with features such as fingerprint readers and facial recognition, it’s still up to you to enable these features and use them to your advantage.
TechSpective provides the Top 10 security list but here are my basic go-to suggestions:
Strong Passwords
Most websites require passwords that are a minimum of eight characters, comprised of a combination of capital letters, a special character and an alphanumeric. Something like G45fg9h* would work. But how can you remember this, especially when you have different passwords for every login? (And by the way, it is highly suggested that you have a different password for each account.) So here is my recommendation: Come up with a memorable passphrase that is unique to that particular service and can be updated without having to reference a cheat sheet.
For example:
- Google Password => ILoveGoogle018$
- eBay Password => ILoveeBay018$
These will pass the strong password test, are unique and easy to remember. Each year the password can be updated to reflect the year, such as ILoveGoogle019$, and/or change the special character.
This approach will make it much easier for you to recall passwords on the fly. Although my examples are over eight characters, you may come up with a passphrase that is less. However, the longer and more complex, the better. So, think about one that will work for you. And yes, there are some websites that require less and you won’t be able to use special characters so dropping this off is another easy thing to remember.
Two-factor Authentication
If you have not already encountered two-factor authentication, then it’s only a matter of time. Your first login prompts a secondary code to be sent to your phone or email, which is then entered to gain access to the site or app. Because security is often breached from malware exploits hiding on computers and phones, this allows a temporary assigned code to be sent independently in order to fulfill the login process. This additional step may sound like a hassle, but it really isn’t. It happens quickly and the field to enter the code is already displayed.
Financial institutions are adopting this as a standard for online backing and account access. Even AirBNB uses two-factor authentication.
Any time you can enable this feature, do so. It’s easy and adds a protective layer to your account protection.
Saving Passwords within your Web Browser
We all do it, but is it safe? The real answer is no. These passwords are not encrypted and available for prying eyes and malicious software that may be downloaded without your knowledge to your computer or device. Financial loss or identity theft may result. So how so we deal with this security flaw moving forward in 2019?
The first step is to remove the passwords already saved in your browser. Since steps may change, the best way to learn how to do this is to Google “how to remove web browser passwords” from the browser you use. For example: How to remove web browser passwords chrome.
For Chrome, it’s managed via Settings:
All the saved passwords will be listed when you click on the arrow for passwords. You can then delete these individually.
The next step is to use the strong password approach detailed above or consider using a Password Manager. Password Managers are encrypted repositories, local or in the cloud, that store passwords for websites and apps and they can be shared between devices.
As with anything, there are pros and cons when utilizing Password Managers which will be covered in-depth in an upcoming newsletter. In the meantime, Consumer Reports posted a good read on Password Managers that you should review to better understand how these work and the nuances of the different products. You can also reference Consumer Advocate, which provides a review of top Password Managers.