Review your passwords (at least the important ones)
A recent study that reviewed 15 billion passwords found that the top 10 most popular passwords still include “123456” and “qwerty”. Before you gloat, thinking that you’re too smart to use one of those, ask yourself if “Diane2021!” is that much better? Remember, hackers have plenty of CPU power to try millions of variations. And they don’t have to try *every* combination, when they can rely on us to use standards like names, dates, and punctuation (especially the exclamation point).
Please read this article to jostle your contentment with your current passwords and see if you might benefit from some added security.
Why is my email account probably the most important account to protect?
Please review the article “Protect your email account” to remind yourself how easy it may be to get into all of your accounts by using a “forgot my password” link if the hacker has access to your email account. You therefore especially want to make certain that your email password is complex and unique.
Simple and reused passwords lead to compromised accounts. Even with all the reminders and warnings, users are still using (and reusing) simple passwords, and then are astonished when hackers get into their accounts.
Once a year, World Password Day reminds us to review our passwords and change those that are not secure. Why not take some time over the next couple of days and review at least your most important accounts and change the passwords on those that could use some beefing up?
Things to look for:
- Simple passwords which may meet the technical standards of the site, but which are not complex by today’s standards. The longer and more complex the better.
- Reused passwords. If you use the same password on multiple sites, then you are increasing the chance of those account getting hacked. Once a site is compromised, hackers frequently use the credentials they find against other sites… knowing that people often reuse the same credentials.
I hear you. But how am I supposed to remember all those complex, unique passwords?
How about using a password manager? They remember the passwords for you and are easily accessible from all your devices. If you pick one that provides the prerequisite security, then you can feel confident that your passwords will only be available to you, even if the password manager’s database were to be compromised.
We used to recommend using password formulas, but now we recommend using a password manager. A password formula is still much better than reusing passwords, but the significant differences in password requirements from site to site, and the necessity for more complex passwords these days makes this system not as tenable as it used to be.
If you have questions about this, please let us know and we will be happy to assist you.
Take care,