This article originally appeared on Discover & Learn on October 16, 2018.
Protecting your passwords might sound tricky, but it’s all quite simple. So simple, in fact, that even a kid can explain it.
Ever left your keys in the front door, or your car unlocked overnight? While you might have accidentally left your valuables unprotected once or twice, chances are you’re usually pretty careful about keeping your stuff safe. Well here’s the thing. When it comes to your online keys — aka passwords — you need to be just as careful to keep your information secure. In fact, you have to be ultra cautious, as there are hackers out there whose full time “job” it is to crack the passwords of unsuspecting online users.
One of the most common ways scammers get access to your personal data or break into your online accounts is by guessing your passwords. So if you’ve got the word “password” or the digits “1234″ in your password repertoire, you may as well be handing out your house keys to strangers. With your address and directions taped to the back.
5 tips for creating amazing passwords
The good news? There are a number of ways you can make your passwords difficult – if not impossible – to crack. Here are five dynamite techniques to try.
1. Don’t think of them as passWORDS. Think of them as passPHRASES. It’s important that your passwords are complex, long and difficult to guess. So instead of using just one word, consider using a phrase — say a song lyric, a line of a poem, or a favourite saying. Make it even harder to crack by misspelling words, adding spaces, and including punctuation and/or numbers.
2. Avoid the obvious. Things like your birthday, pet’s name and address are so easy to guess for hackers. Make your passwords random and seemingly unrelated to your life.
3. Apply a one-to-one approach. In other words, don’t use the same password across multiple systems. Imagine if you had the same key for your home, car, office and safety deposit box. If that one key fell into the wrong hands, it would be a disaster! The same goes for passwords.
4. Use a password manager. There are a number of great password management systems out there that securely store your passwords for you. Plus, many of them will generate super-complex passwords on your behalf and keep track of your passwords to make sure you’re not using the same one in too many places (see point 3). In the end, they’re all designed to save you from having to remember your potentially long list of complex passwords, and to keep them safe from hackers. LastPass, Dashlane and KeePass are some of the most popular primarily because they’re really easy to use and relatively inexpensive (ranging from approximately $20/year to $40/year). Plus they offer lots of great features to keep managing your passwords simple, secure and convenient.
5. Try two-factor authentication. This is when where a site you visit requires a two-stage process for logging in and verifying your identity — such as adding a code that you receive on your phone to your log in password that you enter online. Hackers will find it very hard to break into your accounts when you make them jump through more than one hoop.
All this to say that while creating super complex, random and unique passwords is an important step in keeping your online data safe, there are other things you still need to do. Remember to always lock your computer (even if you step away for just a moment), don’t share your passwords with others, and don’t store them in an unsecured location — such as your notes screen on your phone, or on a sticky note.
This article is intended as general information only and is not to be relied upon as constituting legal, financial or other professional advice. A professional advisor should be consulted regarding your specific situation. Information presented is believed to be factual and up-to-date but we do not guarantee its accuracy and it should not be regarded as a complete analysis of the subjects discussed. All expressions of opinion reflect the judgment of the authors as of the date of publication and are subject to change. No endorsement of any third parties or their advice, opinions, information, products or services is expressly given or implied by Royal Bank of Canada or any of its affiliates.