7 Tips to Secure Passwords in a Digital Age

Before reusing a password, consider all of the data that could be at risk, both personally and professionally.

These days, we’re overloaded with online accounts that require credentials and memorizing them is impossible. While it may be tempting to reuse the same password across different accounts, it is not a safe solution.

Compromised passwords are a leading cause of data breaches, and reusing passwords can increase the damage in what would otherwise have been a relatively small incident.

Cybercriminals know that people reuse login credentials and often test compromised passwords on commonly used sites in order to expand the number of accounts they can access. If you use the same password for your work email as you do for online shopping websites, a breach at one of those retailers can put your work email at risk.

Here are seven tips to help keep your information safe:

  1. Use separate passwords for work and personal accounts.

  2. Avoid words that can easily be guessed by attackers like “password” or “September2017,” or predictable keyboard combinations like “1234567,” “qwerty,” or “1q2w3e4r5t.”

  3. Longer is stronger. Use passphrases rather than passwords. Passphrases could include several random words like “Highway owl purple elephant” or could be from a favorite song lyric or book.

  4. Add complexity with capitalization or special characters. “Fido!sAnAwesomeDog” is a stronger password than your pet’s name.

  5. Adding numbers or special characters at the end of a word does little to increase security, because they’re easy for software to guess.

  6. Avoid words like your kids’ names that could be revealed by a few minutes of online research.

  7. Answers to security questions are often easily found – your mother’s maiden name is public record – so pick another word to use whenever that question comes up.

Reusing credentials is like giving away copies of a key that opens all your locks – you’re putting your private data in the hands of the company with the weakest cyber security.