Do you use the same handful of passwords for all your online accounts? Even if you’ve followed past advice and made them complicated by adding numbers or making them a long phrase, if you’re reusing the same passwords or combinations, you might be at risk if even one site you use is hacked.
So, how do you protect your online identity and information these days? You can do so easily by being aware of current hacking risks around passwords and using ALERT passwords. ALERT passwords are:
- Altered as needed
- Easy to remember
- Responsive, and with
- Two or more factors.
Here’s how to quickly and easily set passwords that are ALERT to current password risks and safeguards.
A – Alter your passwords as needed
You might have heard that the best password safety practice is to change your passwords frequently. That’s not the case. If you have a strong password that hasn’t been compromised, you don’t need to change it. In fact, doing so could alert algorithms to how you update your password (i.e., Summer2020 to Fall2020 to Winter2020 to Summer 2021 to Summer 2022).
So, remember to alter your passwords only as needed. That said, if you feel more comfortable changing your password every once in a while, once a year is often enough. Set a reminder in your calendar and change all your passwords that day.
L – Long Passwords are the Best Passwords
When it comes to creating strong passwords, longer passwords are often better. That’s because the more characters in a password, the more work it will take for hackers to figure it out. Some people create passwords by using long phrases that are important to them and so are easy to remember. Just make sure that if you do this you mix in numbers, characters, and punctuation marks to make it harder. The strongest passwords are often the ones that a password generator app or your phone auto-generates for you — which also tend to be longer.
E – Easy to Remember Passwords
So, how do you make long passwords easy to remember? If they’re based on phrases that matter to you, you’re more likely to remember them. However, your best bet is to buy and use a password keeper or vault on your phone and computer that allows you to generate hard-to-break passwords and then stores them for when you need to use them.
R – Responsive Passwords
Having responsive passwords means having passwords that respond to new authentication and password technology. For example, FIDO2 is an industry alliance of companies working in web authentication that want to push the world beyond passwords.
FIDO2 provides protocols and a process to use other ways to authenticate a user such as by using biometric or cryptographic methods such as using your face or your fingerprint to access your account. Some of these options are already available on devices. When they become available to you, adopting these kinds of next-generation authentication technologies to either build upon or bypass passwords altogether, as they become available, will help increase your security significantly.
T – Two-Factor Authentication
Even if you have a great password if a website gives you the option to turn on multi-factor or two-factor authentication, do it. Two-factor identification might mean using a password plus inputting an authentication code. An extra layer of protection can give you extra peace of mind if your password is compromised since hackers won’t be able to use the second factor to get into your account.
ALERT Passwords Give Peace of Mind
Creating good passwords can seem complicated and the advice you hear about them might make you think remembering them will be too hard. But if you make an ALERT password that you alter as needed, that’s long, easy to remember, responsive to technological advances, and has two or more factors of identification — you can help protect yourself and your online information easily and without stress!
This article is intended as general information only and is not to be relied upon as constituting legal, financial or other professional advice. A professional advisor should be consulted regarding your specific situation. Information presented is believed to be factual and up-to-date but we do not guarantee its accuracy and it should not be regarded as a complete analysis of the subjects discussed. All expressions of opinion reflect the judgment of the authors as of the date of publication and are subject to change. No endorsement of any third parties or their advice, opinions, information, products or services is expressly given or implied by Royal Bank of Canada or any of its affiliates.