Dos and Don’ts for Creating Secure Passwords

These days we conduct so much of our lives online that invariably – whether it is with our online bank accounts, our shopping sites, our credit cards, our emails – we have a lot of sensitive data stored behind digital lock and key. That’s why it is critical that those locks – our passwords – are as secure as possible, and a key factor in establishing that security is making a unique password for each of your online accounts.

“People need to realize that actually passwords are the key to your online identity, so the last thing you want to do is have the same key to every sort of piece of treasure you’ve got on the Internet,” says Kaspersky Lab’s David Emm.

That means that not only should you not recycle the same password for any of your accounts, but you shouldn’t use a simple variation on the same password either. If your name is David, for instance, don’t use David1, David2, David3, etc. as your passwords.

Instead, says Emm, create a unique password for every account. This is actually easier than it sounds.

First, don’t use something that is obviously associated with you – you might share, intentionally or inadvertently, information about yourself on social media, something hackers can find online. So don’t use your cat’s name or your kid’s name as your password.

In fact, says Emm, you should make a password that can’t be found in the dictionary – hackers use programs that cycle through the dictionary trying to find words that will access your account. So don’t just use letters, but also include numbers and non-alphanumeric symbols.

That may sound like it would make it hard to remember all of your passwords without writing them down somewhere, but actually it’s not that difficult: Create a formula for remembering. Take a word you want to use and create a formula for scrambling the letters and replacing them with numbers and those non-alphanumeric symbols – last letter first, first letter is a semicolon, etc.
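The don’ts above (reuse, simple variations such as David1/David2, personal details, dictionary words, letters only) can be checked mechanically before a password is accepted. The following is an added example, not part of the original article; the function names, the rule labels and the tiny word list are assumptions made for illustration.

```python
import re

# Constructed sample word list (assumption); a real check would use a large
# dictionary or breached-password list instead.
DICTIONARY = {"password", "sunshine", "dragon", "monkey", "football"}


def _base(pw):
    """Lowercase and strip trailing digits/symbols, so 'David1' and 'David2' share a base."""
    return re.sub(r"[^a-z]+$", "", pw.lower())


def check_password(candidate, personal_terms=(), existing_passwords=(),
                   dictionary=DICTIONARY):
    """Return the list of rules the candidate breaks; an empty list means it passed."""
    problems = []
    lowered = candidate.lower()
    base = _base(candidate)

    # One unique password per account: no exact reuse, no numbered variation.
    if candidate in existing_passwords:
        problems.append("reused")
    elif base and any(_base(old) == base for old in existing_passwords):
        problems.append("variation-of-existing")

    # Nothing obviously associated with the user (own name, pet's name, child's name).
    if any(term.lower() in lowered for term in personal_terms if term):
        problems.append("personal-info")

    # Not a dictionary word, even with digits or symbols tacked on the end.
    if lowered in dictionary or base in dictionary:
        problems.append("dictionary-word")

    # Letters plus numbers plus non-alphanumeric symbols.
    has_letter = any(c.isalpha() for c in candidate)
    has_digit = any(c.isdigit() for c in candidate)
    has_symbol = any(not c.isalnum() for c in candidate)
    if not (has_letter and has_digit and has_symbol):
        problems.append("missing-character-class")

    return problems
```
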

There are enterprising attackers who will try to reset your passwords by answering your security questions, which is why Emm recommends taking the time to choose the challenge question and answer instead of picking one of the boilerplate questions offered to you.

“What we’re trying to do here, as individuals, is minimize the risk we take when we go online,” he says.
