As we store an ever increasing amount of financial, health and other sensitive personal information online, protecting online personal information is even more important — particularly given the reality of data breaches and hackers. Diligent password management is critical, but something about which most people don't give a passing thought. Most people create passwords that are easy to remember and then re-use it across a multitude of sites and accounts. However, if just one site suffers a breach or a clever hacker guesses a user's password, this information could allow the cyber-criminal access to one's bank accounts, investment accounts, email accounts, loan accounts, dating sites, etc.
"Experts" might disagree on password best practices; however, inaction is not an option. Make time to do some digital housekeeping. Here are some thoughts to consider:
- Create strong passwords that are long and complex — particularly for sites where you store the most sensitive information.
- Consider using a nonsensical combination of characters (1TiC!AZ#$%) or a one-sentence summary of strange life events (ThedogAtetheCoTToncandyonMay1st$).
- Use numbers, random capitalization and special characters in all passwords.
- Create a different password for each account and site.
- Regularly change your password.
- Never use your name, email address, home address or social security number as a password.
- Do not give your password to someone you don't know — it is highly unlikely that a site or business will ask you for your password — rather, they will ask you to change your password.
- Consider using a password manager (such as LastPass or 1Password), which creates strong random passwords and syncs them securely across your browsers and devices.
- If available, always enable a site's additional security features such as two-factor authentication.