Does Your Password Hygiene Make the Cut?
The whys and hows of good password management
If your password hygiene practices leave something to be desired, you could be putting yourself at increased and unnecessary risk.
Cyber attacks are rising around the world with an estimated 2,244 attacks occurring every day. In 2022, you should be taking steps to protect your sensitive personal information.
What is password hygiene and why does it matter? Let’s take a look before examining how to secure your passwords properly.
What is password hygiene?
Password hygiene is part of the broader concept of digital hygiene: a set of guiding principles that protect an individual’s online “health”, just as personal hygiene protects our physical health.
Good password hygiene practices cover the safety and security of your passwords and accounts. When it comes to creating strong passwords, there are several factors to consider:
- Avoiding the most common passwords worldwide, 70 percent of which can be hacked in less than a second
- Using a different password for every single account you hold
- Creating passwords that are long, complex, and unique. It’s time to say goodbye to “qwerty123”, “iloveyou”, and even worse, “password”
- Protecting your passwords by storing them in a secure place
Why does password hygiene matter?
Poor password hygiene places you at increased risk of any number of online threats, including malware, ransomware, extortion, financial losses, and identity theft.
Although most cyberattacks are carried out against corporate entities or government institutions, a significant number of attacks still directly target individual users, as shown in a 2021 report from the United States FBI.
Creating robust passwords
Your first step towards better password hygiene is to create robust passwords or passphrases. Here’s how:
Make your passwords long
There’s a common misconception about hackers: we imagine one lone threat actor trying to guess or somehow figure out an individual’s password in order to gain access to their account, but the reality is far from this.
Advanced computing systems and specialized attack types, such as brute force and dictionary attacks, mean threat actors don’t need to put a lot of time or effort into cracking a password, especially if it is short.
In 2022, the recommended password length is 12 characters. Statistically, it’s easier to hack a shorter password than a long one. Choose unique passphrases to reach a good length, for example, “gOldfIsh run 0ver tr3admills to 8core goAls.”
Make your passwords or passphrases complex and unique
Passwords should be unique and complex. Avoid common passwords like “123456”, but also avoid using well-known words or phrases, such as “a stitch in time saves nine” or something along those lines.
The prevailing wisdom when it came to complexity used to be that a complex password was better than a long one. However, experts now suggest that length is the most important factor.
That said, complexity and uniqueness are still important. Try to be as random as possible when creating a password. Use a good mix of numerals, upper and lowercase letters, symbols, and punctuation.
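The checks described above, as an added example that is not part of the original article: it flags the weak passwords this article names, applies the 12-character recommendation, and estimates brute-force cost to show why length outweighs complexity. The three-class threshold, counting a space as a symbol, and all function names are assumptions made for illustration.

```python
import math
import string

# Constructed sample deny-list: only the weak passwords this article names.
# A real check would use a much larger list of known-common passwords.
COMMON_PASSWORDS = {"qwerty123", "iloveyou", "password", "123456"}
MIN_LENGTH = 12   # recommended length stated in the article
MIN_CLASSES = 3   # assumed threshold for "a good mix"; the article gives no number

CHARSETS = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digits": string.digits,
    "symbols": string.punctuation + " ",  # assumption: a space counts as a symbol
}

def classes_used(password):
    """Names of the character classes that appear in the password."""
    return [name for name, chars in CHARSETS.items()
            if any(c in chars for c in password)]

def charset_size(password):
    """Size of the alphabet an exhaustive search would have to cover."""
    return sum(len(CHARSETS[name]) for name in classes_used(password))

def brute_force_bits(password):
    """Upper bound on exhaustive-search cost in bits: length * log2(alphabet).
    Only meaningful for random choices; dictionary attacks guess common
    words and well-known phrases far faster than this bound suggests."""
    size = charset_size(password)
    return len(password) * math.log2(size) if size else 0.0

def check_password(password, used_elsewhere=()):
    """Return a list of hygiene problems; an empty list means none were found."""
    problems = []
    if password.lower() in COMMON_PASSWORDS:
        problems.append("common password")
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if password in used_elsewhere:
        problems.append("reused on another account")
    if len(classes_used(password)) < MIN_CLASSES:
        problems.append(f"uses fewer than {MIN_CLASSES} character classes")
    return problems

if __name__ == "__main__":
    # Constructed samples: short-but-complex versus long-but-simple.
    for pw in ["password", "Xk9$mQ2!", "goldfish run over treadmills"]:
        print(f"{pw!r}: {brute_force_bits(pw):.0f} bits, {check_password(pw) or 'ok'}")
```

The 8-character password drawn from all four classes comes out near 53 bits, while the 28-character lowercase phrase comes out near 165 bits, which is the length-over-complexity point made above.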
Protecting your passwords
Once you’ve assigned a long and unique password to each of your accounts, the next step in good password hygiene is protecting them. Here’s how:
- Use a password manager so that you can keep all your passwords and passphrases secure. A third-party option such as LastPass is better than your browser’s built-in system.
- Don’t sign in to your accounts from unknown or unsecured networks, such as free public WiFi or one of the numerous networks that appear in airports. If you must do so, use a VPN.
- Choose multi-factor authentication to add another layer of security to your accounts, for example, additional verification or biometric log-ins.
Robust password management practices, which include using strong passwords and keeping them secure, are your best way to avoid becoming yet another cybercrime statistic. Follow the principles above to boost your password hygiene in 2022 and beyond.