Cyberattacks and data breaches are becoming alarmingly common. Most attacks and breaches have one thing in common: victims were using weak passwords.
In a digital world, it is more important than ever to ensure your online accounts are protected by strong and secure passwords. But with so many accounts to keep track of, it can be overwhelming to remember a unique password for each one.
Martin Potgieter, co-founder and technical director at Nclose, stresses the importance of using a unique password for all of your online accounts.
“A lot of people have this one password in their head and they use it for their bank; they use it for their Facebook. This is exactly what you should not do,” warns Potgieter.
But what about the hassle of remembering multiple unique passwords?
Luckily, there is an easy solution – a password manager that can not only remember your passwords but also assist in creating super complex passwords for all your accounts. These password managers store your passwords in an encrypted state, so even if an attacker gains access to the area where they are stored, they will only see a jumbled version of your password.
It is possible, though, to use computing power to try to decrypt the information, Potgieter adds. But this takes a lot of time.
Like most things, online password managers are also vulnerable to attacks. In the event of a breach at the password manager you use, Potgieter recommends changing the passwords to your most important accounts, such as your banking and Google accounts, immediately, and all your other passwords soon thereafter.
By doing so, any effort by the hacker to decrypt your information becomes obsolete because your password would have already been changed.
Is it necessary to change passwords often?
So, how often should you change your passwords? Potgieter suggests that changing your password every month may not be the best recommendation anymore. He recommends changing your passwords every three to six months, or even once a year, depending on how confident you are that your password is secure.
You should also approach it from a risk perspective. “The risk is lower with accounts that have two-factor authentication activated. Some websites or applications do not give that option, so you might want to change those passwords a little bit more often.”
Ultimately, it’s more important to use a different password for each account than to change your passwords every three to six months.
Creating a strong, memorable password
If you are not using a password manager, creating a strong, memorable password can be a challenge. Whereas most websites require a password of only eight characters, Potgieter recommends at least 14 to 21 characters that include symbols, numbers and capital letters.
Longer passwords are far harder to crack.
A password manager can easily generate these types of passwords on your behalf, but if you choose to create your own, there is a simple trick you can use to create a memorable one.
Potgieter recommends using a passphrase, even a short sentence, that you will remember, and spicing it up with capital letters, numbers and symbols to make it even more secure.