Are you on Twitter? The social media site is the latest in a string of high profile password breaches, leaving its 320 million users vulnerable to hacking. Access to a user’s Twitter account is now more valuable to cyber criminals than their credit card details because of the entryway it provides into their accounts on other sites. This can be disastrous if you use the same password to access your internet banking, for example. As trite as it sounds, the best way to protect yourself online is to create a strong password.
Avoid common passwords
According to SplashData, the most common password is 123456, followed by simply “password”. These are the first passwords a hacker will attempt to use. Look up the most common passwords online and avoid all of them. Similarly, don’t use anything easily identifiable with you, i.e. birthdays, sports teams, children’s names or pet names. Don’t assume substituting letters – “p455w0rd”, for example – will protect you. Hackers are savvy.
Don't re-use passwords
Occasionally, websites will suffer major password breaches, in which their password databases are stolen and offered to the highest bidder. People are creatures of habit and tend to reuse passwords for multiple accounts. This is potentially disastrous because it compromises your password not just for the breached website, but for every account you use that password for. Protect yourself by using different passwords.
Use longer passwords
Passwords of 12-14 characters are harder to crack than shorter ones. If yours is even longer, all the better. It’s best to also use a mix of capital letters, numbers and symbols for optimum security. Just make sure it’s memorable to you.
Create a passphrase
Choose a string of words and turn them into an acronym. Don’t go with an obvious phrase like “I love you” or “cat in the hat”. Choose a sentence with numbers and symbols. For example, “my great uncle Greg works on thirteenth avenue and he earns fifteen dollars an hour” which gives you a password of “mguGwo13aahe$15ah”. Much harder to crack, but the sentence ensures it’s still memorable to you.
Wherever possible opt for Two Factor Authentication (2FA). This is where you’re required to enter additional information after your username and password, usually a code provided by the website. This adds an extra level of security to your account. You can activate 2FA on popular websites including Facebook, Twitter and Paypal.
Consider your security questions
Finally, make sure you don’t betray a good password with a weak security question. If a hacker fails to guess your password, their next step will be to try your questions. You usually choose from a range of questions which might include your mother’s maiden name or the place you were born. These are spectacularly easy to guess, even if the hacker doesn’t know you. Your best bet is to make up a random answer, provided you can remember it. Alternatively, you could use a passphrase again. For example:
Q: Where did you go to school?
A: Iw2FvHS (“I went to Fairview High School”)