As the world gets increasingly connected, the “bad guys” are tirelessly seeking ways to steal whatever information they can from you. One way we have carelessly made it easy for them is through bad password habits.
Before I spill the beans on this subject, allow me to share a story.
I once had this friend whose name was John. He had the coolest apartment on the block, and drove the coolest car in the hood. Word had it that John’s father was very wealthy, and when he died he left him some ‘change.’ The good life was how John spent all his inheritance. John had a good number of friends who stayed at his, so they shared a single key. When John or any of his friends left the house, they locked the door and left the key under the front door’s foot mat. Did I hear you say “How careless”? One day, John came home to an empty house. An unknown person had found his key, gained access to his apartment, and made away with everything in it.
I’m sure you’re smart enough to know where I am going with my story. Those crappy passwords you’re using, they’re no different from what John and his friends were doing with that key. Your password is a key. It’s the most popular way you can prove that you’re who you say you are on the internet.
This article is not (only) about making you picture doomsday if you don’t change. It’s about showing you how in luck you are, to be reading this. I will discuss five bad password habits you might have and if you’re on this table I’m shaking, come down quickly.
Using personal data
For years, surveys have shown that “This is too hard!” has been the number one reason why people use easy-to-remember passwords that are based on personal data, such as birthdays, anniversaries, nicknames, pet names, etc. What you must remember is: passwords of this nature are very weak, and here’s why. You have already littered your Facebook and Instagram accounts with this information, making it easy for hackers to successfully attack you. So avoid using this type of password.
Using easily guessable dictionary words
The reason to avoid dictionary words as passwords is simple: they can be cracked by a password cracker in a fraction of a second. Easy breezy! This includes words with substitutions, such as @ for a, or 1 for lowercase l in fai1.
Using the same password across multiple online accounts and platforms
Four big data breaches have already occurred in 2019, and it’s only May. One of the worst in history happened earlier this year and affected 2.7 billion users. Also, research has found that the more online accounts you have, the more vulnerable you are. It’s not just the simple math of more accounts, more exposure. It’s because the more accounts you have, the more likely you are to reuse user names or passwords. Hackers know this and always exploit this very common bad habit.
For a start, let’s imagine Facebook had a security breach and data was stolen by a hacker (which happens often, by the way). Did you know that the hackers can attempt to crack your password (easy breezy, if your password is weak), and sell it alongside the passwords of billions of other Facebook users on the dark web? Fraudsters can then use this data to hack your accounts across platforms, if you have one password for more than one online account. So close your eyes now and imagine the crazy possibilities. Open your eyes and create unique passwords for each online account you have if you’re keen on keeping the crooks out.
Think of your password as underwear. Do you have only one? I bet you have a couple. However, let’s be clear, I don’t expect you to remember a long list of complicated passwords, and that’s why you should use a password manager to create and store your passwords. I will be sharing more about this in a follow-up article.
Using commonly used and very simple passwords
It is good practice to make your passwords hard to guess. Your password should ideally be complex, with a mix of uppercase and lowercase letters, numbers, punctuation and special characters (e.g. % # & @). Your password should have nothing to do with words that describe you or things you love.
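A defender-side check for the three habits described so far (personal data, dictionary words hidden behind substitutions such as fai1, and a missing character mix), as an added example that is not part of the original article. The word list, the substitution table, the sample passwords and the function names are constructed for illustration.

```python
import re

# Constructed sample word list; a real check would load a full dictionary
# and a list of known-breached passwords.
SAMPLE_WORDS = {"fail", "password", "dragon", "monkey", "sunshine"}

# Common substitutions mapped back to the letters they stand for
# (an illustrative table, not an exhaustive one).
UNSUBSTITUTE = str.maketrans({"@": "a", "4": "a", "1": "l", "!": "i",
                              "0": "o", "3": "e", "$": "s", "5": "s"})


def normalize(password):
    """Lowercase and undo common substitutions, so 'fai1' becomes 'fail'."""
    return password.lower().translate(UNSUBSTITUTE)


def weak_reasons(password, personal_terms=(), words=SAMPLE_WORDS):
    """Return the bad habits found in a password (empty list if none)."""
    reasons = []
    # Check the whole password and the password without trailing digits and
    # symbols, so a year or '!' tacked onto a word does not hide it.
    trimmed = re.sub(r"[\d\W_]+$", "", password)
    if {normalize(password), normalize(trimmed)} & words:
        reasons.append("dictionary word")
    # Personal data: names, dates, pet names the owner has shared publicly.
    lowered = password.lower()
    if any(t.lower() in lowered or t.lower() in normalize(password)
           for t in personal_terms):
        reasons.append("personal data")
    # The article's mix: uppercase, lowercase, numbers, special characters.
    classes = (r"[a-z]", r"[A-Z]", r"\d", r"[^\w\s]")
    if not all(re.search(c, password) for c in classes):
        reasons.append("lacks character mix")
    return reasons


if __name__ == "__main__":
    for pw, terms in [("fai1", ()), ("P@ssword2019", ()),
                      ("Rex!2015xQ", ("Rex", "2015")),
                      ("tV9#qLw2&Zr8mK", ("john",))]:
        print(pw, "->", weak_reasons(pw, terms) or "no listed habit found")
```

The second sample passes the character-mix test and is still flagged, which is the point of the dictionary-word section: a substituted word with a year appended remains a dictionary word.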
Not changing your password frequently enough
You know what scares me the most about ‘everlasting’ passwords? By everlasting, I mean you’ve had one password for years, maybe even decades. I remember the worst security breach in history, the hacking of 3 billion Yahoo accounts, which happened in 2013 but didn’t come to light until 2016. That means hackers had a three-year head start on exploiting the stolen data.
This is all the more reason why you should change your password at least every three months, especially for your main business and email accounts. It’s not good enough to have unique passwords; you have to change them. Or do you wear one pair of underwear for one year? Oh, forget I asked that question.
This seems hard. How do I pick decent passwords and remember them all? If these questions are on your mind, look out for my next article. It will answer all your questions about keeping hackers out by forming good password habits. Hard as it may sound, it is doable and simple if you know the tips and tricks I will be sharing.