That number might be equally as scary. But who could blame you — from Frequent Flyer numbers to your brother-in-law’s HBO GO account, you’re probably overloaded with a few too many passwords.
You’re not alone. According to a 2013 study by Ofcom, more than half (55%) of adult internet users admit they use the same password for most, if not all, websites.
Though it is easier to remember, using the same password for all of your accounts makes it incredibly easy for hackers to get into your accounts. And if that one password is too simple, it’s even easier for other people to access your accounts. You can do better — and we’re here to help. Below are some tips for toughening up your password security.
In October 2013, Adobe experienced a major security breach that affected over 48 million of its users. Here were the 10 most common passwords cracked from Adobe, followed by the number of users who had that password:
(“Password”? Really guys?)
But we can’t make too much fun — ours may not be much better. A truly secure password is still more complex than your license plate number or mom’s maiden name appended with her year of birth. Password strength is a function of length, complexity, and unpredictability. Here are some tips from the experts for making your passwords stronger.
The simplest of password cracking tools could guess a password that uses real words — forward and backward. You should also avoid using proper nouns (including your dog’s name), keyboard patterns (qwerty is the obvious one, but any keyboard patterns are easily guessable), letter or number sequences, romantic connections, or biographical information like your date of birth. Words with numbers added to them like “RedSox34” are also easy to crack.
A mnemonic password is a password that uses a pattern of letters, ideas, or associations that help you remember it better. We did an anonymous survey of password mnemonic techniques, and here were our two favorite mnemonic ideas to replicate:
It’s more important to create long passwords than it is to create complex ones. Here’s why: If every character of your password can be chosen from 62 possible characters (any of the letters “a” through “z,” uppercase “A” through “Z,” and any number — and that’s even discounting symbols), then a 12-character password has 62¹² possible combinations. The number of possible combinations ends up being a 28-digit number, and will make a high-end password cracking system work really, really hard. Add one more letter, and you have a 30-digit number, and so on. The longer the better. I know, I know, it’s a lot to remember — it’ll be easier if you use a mnemonic.
A Microsoft research study found that, for the majority of people, their “growing herd of password accounts is maintained using a small collection of passwords. For a user with 30 password accounts, the problem becomes not remembering 30 distinct passwords, but rather remembering which of 5 or 6 passwords was used. This appears to be done using a combination of memory, pieces of paper, trial and error, and password resets.”
Default passwords are the ones vendors send you when you open your account or reset your password. Usually, these passwords are sent to your email address for your to reset — meaning your archived emails are a jackpot of passwords.
To find these rogue passwords, search your email account for emails containing the word “password” and delete all the results. Search for “login” and “username,” too.
Do you reset a password at least once a month? You’re not alone. It’s really hard to remember more than a few passwords, especially if you’re following all of the rules I’ve told you about here. That’s where getting a password management tool comes in. Password managers with good reviews are 1Password, LastPass 3.0, and KeePass.
This includes your bank, investment accounts, and personal and work emails. Make these passwords the longest and most complex of all your passwords.
Until we can do DNA scans to authenticate every account we have, multiple, long, complex passwords are the best we can do. Hopefully, by following these tips, you’ll build more secure passwords — and remember them, too.
What advice do you have for conjuring and remembering good passwords? (Don’t include any information about your own passwords in the comments, please!)