There’s a reason for strong password requirements. Sometimes a password is the only barrier between a hacker and your email, banking, or social media account. This means it is critical to use good password habits. You don’t want your private information or finances in the wrong hands.
This big password guide will address some of the common questions we get all the time. What are password best practices? Why is password recycling such a bad thing? Do I need to use multi-factor authentication? What about password managers?
Add your questions to the comment box at the end of this article. We’re happy to help!
Overall, we recommend using the following guidelines when creating a password. These recommendations hold true for every type of account: email, banking, social media, Amazon, Walgreens, whatever:
Creating unique and strong passwords for every account can be challenging. It would be impossible to remember all of those passwords. This is probably why most people use short, shitty passwords! They’re easy to remember (but also easy to hack!)
So what’s the answer? Use a password manager!
There are so many to choose from, and depending on your needs, a free one may work for you. And yes, we recommend a password manager for work AND personal accounts. Both types are worth protecting.
There are many benefits to using a password manager:
There are many articles comparing password managers. Do a quick Google search and you’ll see what I mean! Please do some more research to figure out what’s best for you and your business.
Keeper - Best to secure cross-platform password management
Dashlane - Best for security-focused extras
LastPass - Best for ease of use
Bitwarden - Best free password manager
LogMeOnce
Password Boss
NordPass
1Password
RoboForm
Sticky Password
McAfee True Key
Zoho Vault
(source: PC Mag)
Most popular browsers offer their own password manager. Chrome, Edge, Safari and Firefox all have built-in password managers. But should you use them? Free is good, right?
There are benefits to using a browser password manager: convenience, no cost, ease of use.
But third-party password managers work a little better. They are designed to work in any browser (vs. always having to use Google Chrome to use your Chrome password manager) and have additional features you may need for your personal or professional life: secure password sharing or reminders to change out old passwords. Plus, good password managers allow you to set up MFA to add another level of security for your passwords.
Ok, so you have strong, unique passwords for all of your accounts.
Guess what, you need to add another level of protection. Why? Because hackers can still figure out your strong, unique passwords, and data breaches are unfortunately a pretty common occurrence.
So what can you do? Use MFA.
MFA stands for multi-factor authentication. This is sometimes referred to as 2-step verification or 2-factor authentication. It means there is an extra step to prove it is actually you logging into your accounts.
When you set up MFA for your email, you log in with your username and password, and then you receive a code on your phone (either via SMS or an authenticator app - explained below). This means a hacker will need your username, password AND phone to access your account.
If your email provider or banking institution does not offer MFA, we recommend switching. These are two types of accounts that absolutely need this extra layer of protection.
And absolutely, please for the love of all that is holy, turn on MFA for your password manager!!!
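The two-step login described above, seen from the server's side, as an added example that is not part of the original article. It assumes the authenticator app uses the standard TOTP algorithm (RFC 6238), which the article does not name; the function names, account layout, password and salt are constructed for illustration.

```python
import base64, hashlib, hmac, struct

def totp(secret_b32, at, step=30, digits=6):
    """RFC 6238 code (HMAC-SHA1) for Unix time `at`."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = struct.pack(">Q", int(at) // step)
    digest = hmac.new(key, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_password(password, salt):
    # Slow salted hash so a leaked database is costly to crack.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def new_account(password, salt, secret_b32):
    # Hypothetical account record; "last_step" remembers the last used code.
    return {"salt": salt, "pw_hash": hash_password(password, salt),
            "totp_secret": secret_b32, "last_step": -1}

def login(account, password, code, now):
    """Step 1: password. Step 2: code from the phone. Both must pass."""
    supplied = hash_password(password, account["salt"])
    if not hmac.compare_digest(supplied, account["pw_hash"]):
        return False
    for drift in (-1, 0, 1):  # tolerate one 30-second step of clock drift
        step = int(now) // 30 + drift
        if step <= account["last_step"]:
            continue  # each code is accepted once, so a replay fails
        expected = totp(account["totp_secret"], step * 30)
        if hmac.compare_digest(expected.encode(), code.encode()):
            account["last_step"] = step
            return True
    return False

# Constructed sample data: RFC 6238 test secret, made-up password and salt.
SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
PASSWORD = "correct horse battery staple"

if __name__ == "__main__":
    acct = new_account(PASSWORD, b"constructed-salt", SECRET)
    code = totp(SECRET, 59)
    print(login(acct, PASSWORD, "000000", 59))  # stolen password, no phone
    print(login(acct, PASSWORD, code, 59))      # password + phone code
    print(login(acct, PASSWORD, code, 59))      # same code replayed
```

The correct password alone is rejected, and a code that has already been used is rejected too, which is why the password and the phone are both needed.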
Password security is important. Sometimes a password is the only thing in between your data and a hacker. Using strong, unique passwords, along with multi-factor authentication and an organized password manager will help keep your accounts secure. We hope this password guide explained why and how to create strong passwords.