Nine Password Safety Tips to Improve Your Online Security

It seems that unfortunate news stories are frequently reported about bank account and email passwords that have been stolen. Sometimes these security breaches compromise the private data of thousands and even millions of people. It’s easy to become discouraged and wonder if there is anything we can do to protect ourselves within this electronically connected environment.

We know that just as a chain is only as strong as its weakest link, that online security systems are similar because they are only as strong as their weakest components. Not surprisingly, the password is often the weakest link in the electronic security “chain” that protects our online banking, email accounts and other personal data.

In reality, a weak password compromises the entire system including your personal information. The good news is that you can better protect yourself and enhance your electronic security and privacy by using more sophisticated passwords. Here are nine password safety tips to do just that.

1. Create strong passwords.

A strong password is a string of characters that is difficult for another person (or even a computer program) to guess. In fact, the name password is a bit of a misnomer since a strong password should not even be a real word. A strong password should be a mix of uppercase and lowercase letters, numbers and special characters including keyboard symbols. Since computer programs can try to “guess” your password via massive electronic dictionaries, your password should not be a dictionary word in any language. The longer and more varied your password is then the harder it is to guess; therefore, make it at least eight characters long. Since each additional character dramatically increases your password’s strength, most security experts recommend longer passwords which would include 12 or even 14 character long passwords for better safety.

2. Create random passwords.

A password should not be all letters, all numbers, or as stated above, it should not even a real word. Instead, a password should be a random mix of all these elements — anything on the keyboard is fair game. Don’t forget the “shift” key to make more complicated symbols (including symbols like ~ + _ { @ } # ^ ). Many systems will also allow you to use spaces in your password.

3. Create easy-to-remember (but hard to guess) passwords.

Random “gibberish” is hard to remember, though, so you may wish to think of a sentence or phrase you can easily recall when developing your password. You can do this in several ways. You can take the first letter of each word in this phrase or sentence as your base and then add and/or substitute some numbers and symbols into this “string” to make your password. Or, you can go to step #4.

4. Use a password generator to create a strong password.

A password generator is a tool designed to create passwords. Good password generators include options to make strong passwords that are random and varied with a long string of uppercase and lowercase letters, numbers, symbols, and other keyboard characters. Security software maker PC Tools created a free online password generator tool that many have found very helpful for creating quality passwords. It offers all the features discussed above in an easy-to-use online format.

5. Avoid common password mistakes.

Repeated characters in passwords such as AAA or common sequences such as 12345 might be easy to remember but are not as secure since they are easier to guess.  Don’t use your login or username as your password. Likewise, don’t use anything personal such as your name, your pet’s name, your spouse’s nickname, your Social Security number, etc. in your password. Again, be sure to use long, random passwords that are not dictionary words.

6. Test your the strength of your password.

Let’s say you created a password that you think is strong and viable to protect your information. How do you know how good it really is? Thankfully, there are some great free online tools to conveniently and privately test a password’s strength online. For example, the Microsoft Password Tester is a free online tool that lets you enter your existing or proposed password into an online text box for a real-time analysis of the password’s strength. Since the Microsoft Password Tester tool provides an instant gauge of your password’s strength as you type, you can see how very important extra characters, symbols, uppercase and lowercase letters, and numbers are to the password’s overall strength.

7. Keep your password secret.

Since your password is your access key to what could be extremely valuable data, guard it carefully. Don’t share it with others or enter it in front of strangers or those you can’t trust. Don’t write your password down and carry it around in your purse or wallet. Don’t store it on your computer (or cell phone) in an unencrypted file. Beware of sharing passwords over email, instant messenger, or the phone — these systems are rarely secure. Also, beware of letting your web browser “remember your password” unless you can protect that computer from unauthorized access by others (some web browsers let you password protect your password file). Log out of your accounts after you use them to prevent others from accessing your personal information. Since criminals can use keystroke logging devices to record exactly what you type, don’t type your sensitive passwords into public computers like those in found in airport and hotel kiosks, Internet cafes, and computer labs.

8. Use different passwords for each Internet login and electronic account.

Don’t use the same password for all your electronic accounts. If a criminal steals your one password then all your accounts using that password are vulnerable. Increase your electronic security by giving each account a strong, random password of its own.

9. Change your password at least every 3 months.

It is wise to frequently alter or change your passwords. Following this routine tends to increase your electronic life’s variety and randomness which is a good thing from a security point of view. Frequent password change can also reduce the risk caused by accidental exposure of a password — it effectively removes a potentially compromised password and replaces it with a new one. Regular password change also allows you to keep up with the times by continually updating and enhancing the strength of your passwords. As more powerful computers are produced each year, the need to update your passwords with stronger and more sophisticated ones increases.

In conclusion, don’t neglect your passwords. They are your final line of defense. Build them long, strong, and keep them random. Don’t forget to test and change regularly. Do all these things and you’ll find that your passwords are probably not a weak link after all.