Passwords - Your doing it wrong!

Protect Your Password - Keys to the kingdom

So what’s the new advice to protect your most personal and coveted information?

The guidelines laid out by NIST are written for the government and leveraged by IT professionals at big companies. But these are lessons we can all take from them with our everyday online habits:

  • Use four or five random words strung together with spaces between them. According to the recent data and research, your best chance of keeping your password from getting cracked is to use a string of a few unrelated words separated by spaces. So a crazy jumble of words may just be what helps keep your information more safe. Of course, as a user you’re limited to what an entity or financial institution requires you to do and some may still make you use special characters.
  • Make the passwords easy to remember. If you are able to remember your passwords, you won’t have to change them all the time or leave them written on post-it notes or notepads, which can get lost or end up in the wrong hands. Top infosec professionals also recommend that you don’t use the same passwords for multiple websites. So even those of you with great memories likely can’t keep all the websites and logins straight in their head. So what are some options? You can look into password management tools that help you with storing passwords, such as LastPass and 1Password.
  • Don’t change your passwords unless you suspect your information has been breached. Turns out that changing passwords frequently can actually just give cyber criminals a glimpse at potential patterns in your passwords, allowing them to crack them more quickly. No need to change them every so often anymore just because.
  • Use multi-factor authentication (MFA) when you can. Also commonly known as two-factor authentication, this is available on many larger sites and will require an extra step (such as identifying additional information or getting a text with a code to enter). It’s worth using if a website offers it, since it means someone needs more than just your password to get into your account—especially when accessing your account on a new device.

Other Ways to Protect Your Account Information

What else can you do? Be vigilant about securing your information online and offline. According to the Experian survey, 50% of people don’t worry about identity theft because they think their poor credit makes them unappealing targets. But everyone is important—at least your identity and personal information is—and cyber criminals are eager to use it.

  • Don’t ignore online privacy policies – sometimes certain information is shared with third parties, but if that’s the case you can usually opt out of that if you prefer. Check account settings and profiles to see what you’re agreeing to and if you receive a notification about a change in terms, review the details.
  • Read alerts about data breaches – if you get information that a company you do business with has been breached, review the details in the letter and communication from them and take actions to protect yourself after a data breach.
  • Keep an eye on account statements and your credit report to help spot potential early warning signs of identity theft. You can also check out products like Experian IdentityWorks to help you with monitoring and protecting your identity. That way if you suspect your identity is stolen or you’re the victim of a data breach, you can keep an eye on your credit report and get notifications alerting you of new accounts, inquiries or increased account balances.