1. Don’t use weak passwords
The traditional advice for strong passwords is to “use a long, random collection of numbers, upper- and lower-case letters and wacky characters”.
A strong password:
Is at least eight characters long.
Does not contain your user name, real name, or company name.
Does not contain a complete word.
Is significantly different from previous passwords.
Contains upper and lower case letters, number and non alpha numeric characters such as #$%^*
So don’t use personal information, an animal, sports team, business name, nickname, quotation, family member, phrase, collections of related words or pet names; avoid dictionary words; and don’t expect to fool anyone by using common missspelllings, $ubst1tuti0ns or by adding numbers53 on the end.
Microsoft has this tip “Relate your password to a favorite hobby or sport. For example, I love to play badminton could becomeILuv2PlayB@dm1nt()n.”
2. Keep your password secure (in others don’t share it or write it down)
Don’t leave notes with your passwords to various sites on your computer or desk. I”ve lost track of the post it notes I’ve seen with passwords left posted on computers 🙁 And passwords in emails are especially vulnerable- think about it if a hacker gets access to your email account they will be able to see your passwords to any accounts that you have received or sent via email.
And don’t share it – a shared a password, is not a declaration of true love lol it is a security risk 🙂
If you share a password, you lose control of it because you don’t know who else the person you shared your password with shared it with, who they emailed it to or where they wrote it down.
3. Don’t reuse passwords
A study in 2007 found that the majority of people reused passwords 🙁 They found that the typical user needed about 25 passwords but only had about six.
That’s a problem because it rewards anyone who steals one of your passwords with the key to a number of other sites as well, making the damage far worse.
Consider this example, in 2014 approximately 5 million Gmail account names and passwords were uploaded to a Russian forum- if the majority of these million or even 20% used the same password for their email as they did their bank accounts then thats alot bank account access right there!!
Also with this uploaded data website hosting giant WordPress searched its own user database for the stolen credentials and found 700,000 matching email addresses and 100,000 matching email and password combinations.
In this example with WordPress.com for each email account that was compromised they also had a 1 in 14 chance of successfully compromising a WordPress account too.
If your password is stolen in a data breach then you should expect that the crooks will try it out on Facebook, Twitter, WordPress and any other websites they think you might be using too.
There you go – if you follow these simple tips your on your way to reducing one way the hackers can get access to your accounts!!