Building an ultra-safe password can sometimes be a hassle, but it’s usually worth it. Here are six tips that’ll help you put together the most-secure passwords.
Avoid personal information
“Good passwords have nothing to do with you, your children or pets,” said Dr. Phil Polstra, Professor of Mathematical and Digital Sciences, Bloomberg University.
Hackers can easily access your social media sites to figure out your name, date of birth and the names of your relatives or pets. Try to avoid using these things as inspiration for your next password.
Make sure to alternate the caps
Similarly, using a predictable sequence puts you at risk as this is much easier for a hacker to guess.
“Put your digits, symbols and capital letters spread throughout the middle of your password, not at the beginning or end,” says Lorrie Faith Cranor, FTC Chief Technologist and Carnegie Mellon Computer Science Professor.
“Most people put capital letters at the beginning and digits and symbols at the end. If you do that, you get very little benefit from adding these special characters.”
Don’t use patterns
Patterns are frequently used as passwords and can therefore be easily guessed by hackers. These include things like “123456”, “qwerty”, “abc123” or “111111”.
“People often include a row of letters from the keyboard, because they think it looks random,” says Cranor, “but actually keyboard patterns, whether left, right, or diagonal, are among the most easily guessed passwords.”
Avoid the dictionary
Hackers can utilize software programs that scan the dictionary for possible password combinations.
Darren Guccione, CEO and Founder of Keeper Security suggests to “avoid dictionary terms. Dictionary cracks guess passwords using lists of common passwords and then move to the whole dictionary. This is typically much faster than a brute force attack because there are far fewer options.”
Stephen Cobb, a Senior Security Researcher at ESET agrees, saying “I prefer not to use many real words in there”. He recommends a long sentence with a collection of upper- and lower-case letters, number and symbols.
Enable two-factor authentication
Two-factor authentication is a process by which users are only granted access to their applications after providing two or more pieces of evidence proving who they are. Evidence can include knowledge (eg a PIN or password), possession (eg an ID card or security token) and inherence (eg a fingerprint, face or voice).
“Don’t rely on passwords alone,” says Neil Wynne, a Senior Research Analyst at Gartner who focuses on business security.
“Passwords should not be considered sufficient for anything other than the lowest-risk applications.”
Instead, Wynne suggests adding a layer of more robust authentication, like cryptographic credentials, or a biometric identifier.
“By adding [extra authentication], a company could have a less strict password policy, like less characters or requiring password changes less frequently,” says Jackson Shaw, Senior Director of Product Management for Dell Security.
Don’t reuse passwords
Even an unauthorized party or hacker does gain access to one of your accounts, you can limit the fallout of a potential hack by using a unique password for each site you use.
“Even if you have an ‘unimportant’ password and an ‘important’ password tier, it’s very unsafe,” says Joe Siegrist, VP and GM of LastPass, a popular password manager. “It makes it way too easy for a hacker to attack one site and get your password to all the others.”