How many websites have you visited today that require a password? It’s probably quite a few.
Do you need a password to access data or email at work? You likely do. In fact, you may have needed a password to log on to the computer you’re reading this on right now.
Passwords are the front line of defense in protecting the data on your computer and in your online accounts. They keep your kids from hijacking your Twitter account and keep cybercriminals from gaining access to your bank accounts.
But because we need so many passwords today, many of us take the easy way out. We use the same password for everything, or we use very simple, easy-to-remember passwords. And that’s where we can get into trouble.
The risks of weak or multiple-use passwords
“Let’s say you fall for a phishing attack on Facebook,” explained Boston-based digital-security expert Beth Jones. “They can see your email address and try that same password there.
“If you have sensitive information in your email, such as bank statements or credit-card statements, then the attacker can try that password to access bank accounts or credit-card accounts as well,” Jones said.
“They would have several key pieces of [personal] information … so in theory they could try the ‘forgot username’ on other accounts, such as Twitter, or online games,” Jones said. “You can see how this snowballs quickly.”
Not only should you have a unique password for each site you log into online, but, as Gunter Ollmann, founder of the Atlanta-based computer-security firm Ablative Security, pointed out, you should also avoid recycling old passwords.
“Criminals — and unethical webmasters — often try to use the passwords that have been taken from one site and use them against other sites, especially if your email address is also known to them,” Ollman explained.
“Each website or application you use should have a different password, and ideally you should not use a predictable algorithm for generating them,” he said. “For example, a bad practice is to use a password that contains the particular website’s name or address in it.”
How to create perfect passwords
So what makes a good, strong password?
“Password strength is measured by two characteristics — length…