Password Secrets Darling-Why One Password and Managers are not such a good idea. 7 Top Tips To Crafting Best Passwords
The digital age has brought with it, passwords. So many passwords!
Your phone needs a password, the WiFi needs one, the computer, laptop or tablet and most apps and even you're electric company, the IRS and your email needs one.
A Good Password Can Protect From Rising Account Takeover Fraud
A study just came out saying that over 22% of adults in the US have been a victim of account takeover fraud! During these attacks, people lose an average of $12,000 per case. Crazy!
This type of fraud occurs when a hacker gains access to a genuine account - such as social media, email, banking, even your profile for your favorite store.
One of the most important ways to protect your self is of course, secure and ever changing passwords!
Password Managers
By now we know each one should be unique and hard to guess to protect our privacy. Many experts recommend using a password generator or online password service.
Just like anything that lives in the cloud, Password Mangers can be hacked. And just like any site that you log into, a Password Manager requires a Password!
Be aware that when you use 1Password, Or A Password Manager - online privacy is absolutely not guaranteed.
A Password Manager is a locked space that "houses" your passwords so that you don't have to remember them.
But you do need to remember the password that gets you into the Password Manager. Typically, you'll use two factor authentication, so you have a level of protection with the annoyance of having to verify via an email or a text.
Tech Republic has a new Pro/Con list of the various Password Manger types:
- Cloud Based Password Managers- 1 Password, Norton, Keeper
- Offline Password Mangers Manage Engine, Dashlane- A Password Book is BEST
- Stateless Password Managers-Google Titan Security Key, Dashlane
Stateless Password Managers aka Password Generators Have Problems of Their Own
Here's Why We actually love writing our passwords down and tucking them away.
- We feel analog is safer. There's a much greater chance our devices will be hacked, then someone coming in and finding our tiny password book hidden in our drawer or dresser.
- Writing it down is better for our brain may even help us actually remember our passwords. This really cool study in Trends in Neuroscience and Education, showed that when children reproduced a single letter by drawing it on plain paper, vs tracing it over a dotted outline or typing it- they activated three distinct areas of their brains. We also know from another study that we learn something better when we write it down.
- We're not as stressed trying to remember every password and it lets us be more creative when we know we've got them written down.
The Secret Keeper Password Book. Write the Best Passwords Here!
Whether you write them down or use a password manager-Password Best Practices:
- Change them often! Every 90 days at least
- Sentences and PassPhrases are best
- No shorter than 17 characters
- Don't repeat passwords on different sites- if one is hacked, your other accounts or more easily hacked
- "Password" is not a great password, same for your birthday, address or kids address
- Try a PassPhrase that’s easy for you to remember- maybe based on a connection you have with the site- but no one else would guess. Like on Instagram “Myniecesignedmeup14”
- When buying online, don't repeat the same password from store to store. AND even more important, NEVER re-use your email password. If Target is hacked and your email/password combination is compromised and you've used your email password as your Target password, it won't take long for a hacker to get into your email and then get into the other places you shop.
- Keep your written passwords hidden in safe spot
- Don't Give Your Phone Number for Two Factor Authentication! I don't do it because it's a major privacy issue for me. My husband does and he's constantly getting spam texts each time he gives out his phone number for another Two-Party Authentication request- First Ask if you can use an email-Make it Proton Mail(encrypted and private) and if the company says no, opt for a Security Key. Yubico is the company that seems to have the best Keys and the best reviews. Here's how they work-you do need to register.
-
- Secure your login and protect your account with hundreds of services like Google, Outlook, Facebook, Shopify etc.
- Protect your online accounts from phishing and account takeovers. They make it extremely difficult to gain access or steal your most important files, pictures, emails, and financial information.
- You need to register- but you only need to do it once. . Once registered, each service will simply request you to insert and tap your Security Key to gain access during login. .
Lets talk some truth about those Security Questions or Password Validation questions so many sites, like your bank or your health insurance are requiring. The real answers are all over your social media my love. Yes. Your hometown, first school, high school, best friend, mothers maiden name-Hello- she for sure follows you! Your favorite color and food. I'm betting you made that public somewhere.
The bank, the insurance company, anyone asking these questions doesn't really care what the answers are--there's no law that says your bank or health insurance companies need the actual truth to these questions. These questions are for YOU to prove you're actually you when you login. So grab a pen and add some creative answers- that are only you will know and remember. I keep mine in my password book btw.
- Don't use actual "real" answers to security validation questions when you create the validation. Mothers maiden name, grandpas first name? Answer: Yacht Favorite Food: Sky You get the idea
- Change up those "Extra security questions" for different companies- just in case one gets hacked—with made up answers to things like, "What's your favorite hobby? and "What was the name of your first pet?"
I love our new linen password book, because each entry leaves room for these questions and answers. And-it's so pretty!
Don't forget to change your WiFi Password! Here's How!
And change your phones Airdrop Name! Here's How!
First Published_Visible (as of 10/3/2020)