With the proliferation of web services and the rise in cybercrimes, managing passwords is the key to protecting sensitive financial and personal information online. But to remember tens of different passwords is quite tasking for many people nowadays.
The easy options — using the same password each time or writing them down on paper or in a spreadsheet — are bad options. In fact, IT security experts strongly warn against these options as they leave you vulnerable to online theft. Also, using your birth date as password isn’t good either. That’s where password managers come in.
- Lawan: Some government officials mislead Buhari to reject bills
- NULGE urges Nigerians to reject moves to delist LGAs
In today’s virtual world passwords are not an ideal way of securing systems, but the method will be here for a while longer, experts said. As we move many functions online, a good starting point is cultivating the practice of creating complex passwords of at least eight characters or more. These should contain numbers, symbols and a mix of lower and upper case letters.
Weak passwords can be cracked easily, akin to leaving your front door unlocked. Hackers can install scanning software to run endless variations of words and possibilities to crack this example ‘kittens123’.
So here are tips for password creation and how to manage all your accounts securely.
Not to share passwords between people or systems
Don’t do your banking on shared computers or laptops
Take care using your mobile with free Wi-Fi in cafés, banking is not safe
Do not write your password on post-it notes or store in an unsecured memo on your mobile
Do not keep a list in unprotected documents, text files or spreadsheets on your laptop
Avoid using the same password on multiple websites, you can expose all of your accounts in one go.
Tips for strong passwords:
At least eight characters or more
Contain a mix of four different types of characters: upper/lower case letters, numbers and special characters like */”&
If you only have one special character in your password don’t make it the first or last character in your password i.e. aGdQl01@
Your password shouldn’t be a name or word in any language in the dictionary
Your password should not include any part of your name, address or date of birth
- You can keep a hint of your password but don’t include any related services or websites linked to it
Use a different password for every service or website.
According to a research by Dashlane, most of us have the general ability to remember up to 10 passwords and those with exceptional memory could possibly recall up to 20. Currently, Dashlane has close to 3 million users with an average between 50 and 60 different online accounts each. Many of us would have trouble linking our passwords to so many accounts.
A solution to all is to use a reputable password manager. It allows you to store multiple passwords in encrypted form so you don’t have to remember them. You can access all your passwords using one strong master password. A password manager should be able to work across all your Windows, Mac, Android and iOS devices.
The best password managers give you an option to sync or keep passwords local only. Some have no web or online components at all. Most of them audit all your passwords ensuring you are not using them over several accounts.
Before you decide on using a password manager, do some research. Wired mentioned one of the most popular free password manager apps, LastPass, got hacked near the beginning of 2016.
Determine whether you need a password manager. Facebook. Yahoo. Twitter. LinkedIn. Zoom. Equifax. What’s something that all of these companies have in common? They’ve all experienced massive hacks that resulted in their users’ passwords becoming publicly available to hackers. Once a hacker has someone’s username and password for one site, they can use fast-acting scripts to try that login information on other websites. This means if you reuse the same password on more than one site, you’re at risk!
If you’re type of person (and who isn’t?) with dozens to hundreds of accounts on different services, a password manager will give you peace of mind. Password managers work by storing and encrypting all of your logins and passwords in one location, protected by a “master” password. The password manager will help you create a strong unique password for every site you site in to, but you’ll only need to remember your master password.
If you are capable of remembering multiple different secure passwords, you may not need a password manager. However, since most sites and services now require logins, it’s rare that someone can remember a completely unique password for more than a few websites.
Try your web browser’s password manager first. Most major web browsers, including Chrome, Safari, and Firefox, suggest strong unique passwords for accounts you create on the web. They also give you the option to store these passwords in your browser’s settings, making it so you don’t have to remember the complex combination of characters suggested by the browser. There are some pluses and minuses to using your browser to manage your passwords:
If you use the same browser on your computer, phone, and/or tablet, storing your passwords in that browser makes it so the same passwords are accessible any time you’re logged into your web browser. This means that if you’re signed into Chrome on your computer, for example, and save a password to the password manager, the password will also be available in Chrome on your iPhone.
When you log into a website you haven’t logged into before, your browser will prompt you to save the login information so you can easily use it in the future.
Chrome and Safari both label any passwords you use on multiple sites and advise you to change them.
Using a browser-based password manager won’t help you when you need to sign into other apps on your phone or tablet, such as the Instagram app or Facebook. The passwords saved by the browser will only be pre-filled when signing into sites in the browser.
Your passwords are only as strong as your browser account. For example, if your Google account password is hacked, all of your passwords saved to Chrome will be accessible to the hacker. Make sure the password you use to access your account is exceptionally secure, and protected by two-factor authentication.
Consider a non-browser password manager. Unlike browser password managers, standalone password management apps can keep track of your non-web passwords, such as for your Instagram app, your work mail client, and your database software. Most password managers only require you to remember one “master” password, and will suggest secure unique passwords for all other sites you sign in to. Some popular options:
LastPass: Works on Windows, macOS, and Linux, and has browser plugins for Chrome, Firefox, Safari, Edge, and Opera. You can install the mobile app on your iPhone/iPad and/or Android.
Has a free option that is fully featured (with a few exceptions) for one user. The $3 tier, also for one user, also allows you to share passwords and other items securely, monitors dark web activity, and has an emergency access option in case you lose your master password. Family and business options exist also.
DashLane: Works on Windows, macOS, iPhone, iPad, Android, and ChromeOS. Has browser plugins for Chrome, Safari, Firefox, Edge, and Opera.
Has a free option that stores up to 50 passwords on one device.
Keeper: Works on Windows, macOS, iPhone, iPad, Android, Linux, and ChromeOS. Has browser plugins for Chrome, Edge, Firefox, Safari, and Opera.
The free version of Keeper only works on one system.
1Password: Works on Windows, macOS, Linux, iPhone/iPad, Android, and ChromeOS. Has browser plugins for Safari, Firefox, Chrome, Brave, and Microsoft Edge.
There is no free version of 1Password—just a free trial. There’s also a family plan upgrade, which has a feature that allows family members to help one another get back into accounts they’ve been locked out of.
Install the password manager software on all of your devices. The key to making sure a password manager works for you is being able to log into it everywhere. If you install LastPass on your PC, also install it on your Android, iPad, and anywhere else you sign in. Any time you create a new password with your password manager, it will be available everywhere else you use that password manager.