News stories about data breaches have gotten common over the last few years, so much so that it can be easy to skip right over them and move on to the next news story.
During 2013 there were 2,164 incidents exposing more than 822 million records. Nearly 48 percent of those cases involved compromised passwords.
It is more important than ever for consumers to be attentive to their passwords. Most of us have been using, forgetting and changing our passwords so many times by now that we may be afflicted with “password fatigue.”
That can lead to lazy habits like keeping the same password over long periods of time, using the same password for multiple accounts and relying on simple, easy-to-remember passwords – all bad ideas.
Here is some advice for consumers regarding those all important — but pesky — passwords.
What not to do
Some of this information may seem obvious, and you may have heard it many times before. Yet because so many people continue to practice dangerous habits when it comes to their passwords, it bears repeating:• Don’t use your name, birth date or other common words.
• Don’t keep it short. Use at least 10 characters, ideally 12.
• Don’t use the same passwords for multiple accounts. If one account’s password is stolen, only that account will be affected.
• Don’t share your password over the phone, in an email or text. No legitimate company will send you a message requesting your password. Any such message is a scammer and should be ignored.
• Don’t store your passwords in plain sight. Sticky notes beside your workspace are not the place for your passwords. Keep them private. If you write it down, don’t say that it is a password and don’t say what account it goes with.
• Don’t settle for only changing one character or number of your password for different accounts. Make each of them significantly different. A hacker who figures out one of your passwords may quickly try slight variations on it for your other accounts.
What to do
Well, then, what the heck are you supposed to do?
When making up a password, be creative and unpredictable. Make your password long and be sure to mix letters, numbers, case and special characters.
To combat the problem of trying to remember the password, Microsoft recommends that you create an acronym from a phrase that is meaningful to you. You might, for example, think of a phrase like “Our anniversary is12 December, 2004.” Then derive a password from the phrase. In this case Oann12/Dec,4 could be that password.
Add more security to the password by substituting numbers, symbols and misspellings. Then the password in this example could become Owr@nnizz1212o4.
Some people prefer to use an online password generator for coming up with their various passwords. Norton Security has an excellent one. A web search will turn up a slew of online sites to help you.
Many experts recommend using a password manager, especially for those with several accounts to keep up with.
A password manager is an app or program that stores your login information for all the websites you use. It enables you to login to the accounts automatically. You will have only one master password to keep track of, once the individual passwords for the accounts have been originated by you.
A browser search for “password manager” will provide you with numerous online sites. These programs can automatically fill in all the login information to all sites requiring it, including your email address, username and that specific website’s password.
Passwords can be a tedious irritant but they are necessary for your own security. Take the time to manage them properly and save yourself the nightmare of having your account hacked.