We store a lot of data electronically, whether it’s at the office, or on social media, or anywhere else. But even the most sophisticated system is only as effective at keeping that data safe as the password you choose. Even the most powerful encryption won’t help when someone tries putting in “password” as your password. And yes, I’ve personally seen that used in corporate environments. The large security breaches confirm the same thing, that “password” is one of the most commonly used passwords.
So if you want to keep your data safe, the best way to start is with a better password. You want something difficult to guess, as well as difficult to crack by machine, yet still memorable for yourself. Swapping numbers or symbols in for letters helps (such as a ‘zero’ instead of an ‘o’), though most people these days automatically attempt the common substitutions when trying to crack a password. The current trend is using phrases as your password. Due to their length, they are harder to crack. Yet, a password like “ilovetheocean” is still pretty easy to remember.
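To see why the common substitutions add so little, here is an added example (not part of the original post) of the check a sign-up form could run on a new password: it undoes the usual swaps and compares the result with a list of common passwords. The denylist, the substitution table and the 12-character minimum are assumptions made for this illustration.

```python
# Added illustration. The denylist, substitution table and minimum length
# below are constructed for this example, not taken from any real service.
COMMON_PASSWORDS = {"password", "letmein", "qwerty", "iloveyou", "welcome"}

# Look-alike characters mapped back to the letters they usually replace:
# 0->o, 1->l, 3->e, 4->a, 5->s, 7->t, @->a, $->s, !->i
LEET = str.maketrans("013457@$!", "oleastasi")

MIN_LENGTH = 12  # assumed threshold; long phrases clear it easily


def candidate_forms(password):
    """Return the plain-letter forms a guesser would also try."""
    lowered = password.lower()
    # People often tack digits or punctuation onto the end ("Password2024!").
    trimmed = lowered.rstrip("0123456789!?.#")
    return {lowered.translate(LEET), trimmed.translate(LEET)}


def weaknesses(password):
    """List the reasons a password should be rejected (empty list = accepted)."""
    problems = []
    if candidate_forms(password) & COMMON_PASSWORDS:
        problems.append("common password in disguise")
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    return problems


if __name__ == "__main__":
    for sample in ["password", "P@ssw0rd", "Password2024!", "ilovetheocean"]:
        print(sample, "->", weaknesses(sample) or "accepted")
```

A real service would use a much larger list of breached passwords, but the point carries over: once the swaps are undone, “P@ssw0rd” is the same guess as “password”.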
Another key is to use different passwords for your different accounts, services, etc. This way, if someone does breach a system and gets a list of usernames and passwords, they will only be able to access that system with your credentials, and won’t be able to get access to everything else you have. For example, say you use your email address and password on a forum about cars, and they get breached. That may not seem like a big issue to you, but it can be if you use the same password for everything. Now, instead of just being able to see some posts you made about your car, they can make transfers from your bank account, buy things on Amazon, and read all of your emails.
Now, it can get confusing having different passwords for every service, especially if you’re required to change them on a regular basis. It’s OK to keep them written down somewhere to keep track, but make sure it’s secure. You could use a password-protected service that maintains a list of all of your passwords. Or you could write it in a personal notebook, though you need to keep it safe from others at all times, and you need to realize the risk if you were to lose it and someone found it! Also, don’t leave your password on a sticky note on your monitor! Sure, it won’t make a difference to outside attackers. But what about someone who’s walking through the building? They can easily gather enough info that way to get into the system later on.
I know this all seems like a lot, but the effort to recover from unauthorized account access can be far, far more difficult. Just remember the key points:
- Use passwords that are secure (not ‘password’!!), but easy to remember
- Use different passwords for different services
- Don’t leave your password lying out where it can be easily seen