Every time you log into something on the internet, you probably use a password. Over time, you have more and more accounts, and more passwords. It can be incredibly difficult – if not impossible – to remember them all, and so a lot of people end up using the same password for everything. It’s just easier, especially if that password is something you’ll never have to worry about forgetting, like your child’s name or birthday. Who has time between soccer practice and gymnastics and dinner to worry about online security anyway?
Unfortunately, reusing passwords is an incredibly unsafe thing to do, and opens you up to all sorts of dangerous things – including having your accounts hacked, your identity stolen, your bank account drained, and possibly even access to your child.
In 2006, Microsoft did a study of over 500,000 computer users and found that the average user has 25 accounts on the internet – and only 6.5 passwords. That means people are using one password for multiple sites. Another problem the study found is that people tend to use weak passwords because they’re easier to remember.
What’s the big deal? Why does it matter if you reuse a password for more than one site? Who cares what your password is? It turns out that all of these things matter a great deal.
A 2014 study by password manager LastPass found that over 110 million adults had their information exposed by hackers – and that was just in the United States. Since then, several massive hacks and data breaches have exposed millions more. With an average of 19 new victims of identify theft every minute in the U.S., it’s safe to say that a secure password is critical.
To really drive home the point of how prevalent data breaches are, go to HaveIBeenPwned.com and enter your various email addresses. Chances are, your information has been part of a hack or data leak at some point.
It’s not enough to have a password; in fact, Lifehacker blogger John Pozazides explained way back in 2010 how easy it is to get someone’s account passwords from publicly available information. He published a list of weak passwords that get used over and over:
- The name of your child, significant other, or pet.
- The last 4 numbers of your Social Security Number.
- 123, 1234, or 123456.
- The word “Password.”
- Your hometown, college, favorite sports team.
- Your date of birth, mother’s maiden name, or some other basic fact.
Now let’s think about how easy a hacker could gain any of that information. A lot of it is probably available on social media. When did your Facebook friends all wish you or your child a happy birthday? What sports team are you posting about, or what team’s pages did you like? Where are you from, and what college did you attend? Even your mother’s maiden name is easy to obtain with a little digging on Facebook.
It’s imperative that your password be something hackers won’t be able to guess by digging for tidbits of information about you. There are several ways you could do this:
- Use a password created by a pattern on the keyboard. For instance: the password 1qazxdr% makes a V-pattern on your keyboard; it’s easy to remember but impossible to guess.
- Use a random string of unrelated words. One well-known example is “correct horse battery staple.” Obviously you don’t want to use this one! Come up with unrelated words that you can remember. One way to do this is to stand in a place in your home, and use objects you can see, such as “recliner painting rug television.” If you have problems remembering the words themselves, you can imagine yourself standing in that place in your home, and it’ll help you remember the items themselves.
- Use a password generator. Correcthorsebatterystaple.net is a good one.
Stop Reusing Passwords
Now that you have a solid password, you’re probably tempted to change all your accounts to that one password. Don’t do it! You need one of these passwords for each account you have. How can you possibly remember all of these new passwords? You don’t! You need a password manager like LastPass, KeePassX, or 1Password.
A password manager keeps track of all of those secure passwords, and can even generate highly secure passwords for you. All you’ll need to remember is the password to get into the program; that will unlock the manager and allow you to use any password in the manager’s database. Many users will unlock the database when they sit down to their browser, and then close the database when they close their browser, effectively locking up the password vault. Some managers also allow you to put a time limit on how long it stays open, in case you forget to close it.
Weak passwords and reused passwords are easy ways for hackers to steal your information or even your identity. Take steps today to make yourself and your family safer; a password manager can help you stay safe while letting you focus on other important things – like getting your child to their next activity on time!
Bill here from PixelPrivacy.com. My blog is all about making the world of online security accessible to everyone. I pride myself in writing guides that I’m certain even my own mom could read! Be sure to head over to my blog if you’re interested in keeping your private information just that: Private!