Creating strong passwords

Creating strong passwords
 
You'll need to create a password to do just about everything on the Web, from checking your email to online banking. And while it's simpler to use a short, easy-to-remember password, this can also pose serious risks to your online security. To protect yourself and your information, you'll want to use passwords that are long, strong, and difficult for someone else to guess while still keeping them relatively easy for you to remember.

Why do I need a strong password?
 
At this point, you may be wondering, why do I even need a strong password anyway? The truth is that even though most websites are secure, there's always a small chance someone may try to access or steal your information. This is commonly known as hacking. A strong password is one of the best ways to defend your accounts and private information from hackers.

Tips for creating strong passwords

• A strong password is one that's easy for you to remember but difficult for others to guess. Let's take a look at some of the most important things to consider when creating a password.
• Never use personal information such as your name, birthday, user name, or email address. This type of information is often publicly available, which makes it easier for someone to guess your password.
• Use a longer password. Your password should be at least six characters long, although for extra security it should be even longer.
• Don't use the same password for each account. If someone discovers your password for one account, all of your other accounts will be vulnerable.
• Try to include numbers, symbols, and both uppercase and lowercase letters.
• Avoid using words that can be found in the dictionary. For example, swimming1 would be a weak password.
• Random passwords are the strongest. If you're having trouble creating one, you can use a password generator instead.

Common password mistakes

Some of the most commonly used passwords are based on family names, hobbies, or just a simple pattern. While these types of passwords are easy to remember, they're also some of the least secure. Let's take a look at some of the most common password mistakes and how to fix them.

 
 Password: brian12kate5
"I doubt anyone could guess my password! It's my kids' names and ages. Who else would know that?"



Problem: This password uses too much personal information, along with common words that could be found in the dictionary.

Solution: A stronger version of this password would use symbols, uppercase letters, and a more random order. And rather than using family names, we could combine a character from a movie with a type of food. For example, Chewbacca and pizza could become chEwbAccAp!ZZa. 

Password: w3St!
"My password is so simple! It's just the beginning of my street address with a few extra characters."



 


Problem: At only five characters, this password is way too short. It also includes part of her address, which is publicly available information.

Solution: A stronger version of this password would be much longer, ideally more than 10 characters. We could also substitute a nearby street name instead of her current address. For example, Pemberly Ave could become p3MberLY%Av.
 

Password: 123abccba321
"My password follows a simple pattern, so it's easy to remember and type on my keyboard."


Problem: While patterns like this are easy to remember, they're also some of the first things a hacker might guess when attempting to access your account.
Solution: Remember that random passwords are much stronger than simple patterns. If you're having trouble creating a new password, try using a password generator instead. Here's an example of a generated password: #eV$pIg&qf.

If you use a password generator, you may also want to create a mnemonic device to make the password easier to remember. For example, H=jNp2# could be remembered as HARRY = jessica NORTH paris 2 #. This may still feel pretty random, but with a bit of practice it becomes relatively easy to memorize

Password: BrAveZ!2
"I use the same passwords for all my accounts. This way, I only have to remember one password!"


Problem: There's nothing really wrong with this password, but remember that you should never use the same password with different accounts.
Solution: Create a unique password for each of your online accounts.

Using password managers

Instead of writing your passwords on paper where someone might find them, you can use a password manager to store them securely online. Password managers can remember and enter your password on different websites, which means you won't have to remember longer passwords. Examples of password managers include LastPass, 1Password, and Google Chrome's password manager.

Password: m#P52s@ap$V
"I use a password generator to create all of my passwords. They're not super easy to remember, but that's OK; I also use a password manager to keep track of them."

 

This is a great example of a strong password. It's strong, long, and difficult for someone else to guess. It uses more than 10 characters with letters (both uppercase and lowercase), numbers, and symbols, and includes no obvious personal information or common words. This password might even be a bit too complicated to remember without a password manager, which underscores why they're so helpful when creating a strong password.

Remember to use these tips whenever you create a password to keep your online information safe and secure.

Read More

How to protect yourself while on the Internet

How to protect yourself while on the Internet


Below are all of the steps and suggestions everyone should follow to keep their computers and their personal information safe while being connected to the Internet.
Note: All of the following information should be followed and understood by all computer users regardless of what type computer, operating system, or device they are using.

Verify data is encrypted


When sending confidential information over the Internet, such as usernames, passwords, or credit card numbers, only send it securely. To verify this, look for a small lock (Internet browser security lock) in the bottom right corner of your browser window or next to the address bar (as shown below). If visible, this lock should also be in the locked position and not unlocked.

Internet Explorer secure address bar

We also suggest making sure the URL begins with https, as shown above.

While the lock is in the locked position, data is encrypted, which helps anyone from understanding the data if it's intercepted. When no lock is visible or in the unlocked position, all information is plaintext and could be read if intercepted. If a web page is not secure, such as an online forum, use a password you wouldn't use with protected sites, such as your online banking website.

Use a safe password

Websites that store confidential data, such as an online bank site, need to use strong passwords. Also, it is highly recommended that you use a different password for each website that requires a login. If you need help remembering your passwords, consider using a password manager.

When available always enable two-factor authentication

Two-factor authentication adds additional protection by requiring an additional step in verifying a login. Typically with two-factor authentication, after verifying your password, if the service does not recognize your computer, it sends your phone a text message with a verification code. If someone had your password but did not have your phone, even with a valid password, they cannot access your account.

Two-factor authentication should at the very least be enabled on your e-mail account. Most account passwords can be reset using the forgot password feature, which sends a new password or link to reset the password to the e-mail address on file. If anyone has access to your e-mail account, they could get the new password for your account.

Keep your operating system and software up-to-date

Many of the updates that are released by developers of operating systems are related to computer security related issues. Make sure your operating system is always running the latest updates and that you're running an operating system that is still supported by the developer. Older operating systems like Microsoft Windows XP are no longer supported by Microsoft and therefore no longer get updates.

Always be cautious of e-mail links and attachments

One of the most common methods of spreading viruses and malware is through e-mail attachments and hyperlinks sent through e-mail. Always be extremely cautious when dealing with any attachments or links in e-mails you've received from anyone (even friends and family).

E-mail is not encrypted

Never transmit confidential data over e-mail, such as passwords, credit card information, etc. E-mail is not encrypted, and if intercepted by a third-party, it could be read.
Be aware of phishing scams

Familiarized yourself with phishing scams and techniques, which are used to trick you into divulging your account information. Online banking sites, Paypal, eBay, Amazon, and other popular sites that require logins are popular targets.

Use caution when accepting or agreeing to prompts

When you're prompted to install any program or add-on, make sure to read and understand the agreement before clicking on the Ok button. If you do not understand the agreement or feel it is not necessary to install the program, cancel or close the window.
Additionally, when installing any program, watch for any check box that asks if it's ok to install a third-party program, toolbar, etc. These are never required and often cause more issues than good. Leave these boxes unchecked.

Be cautious where you're logging in from

Business

Your place of work can install key loggers or use other methods of monitoring the computer while online. Someone who has access to this information could read these logs and gather usernames and passwords. Also, do not store any passwords in your browser if your computer is shared with other coworkers.

Wireless network

When on a wireless network, realize that all information being sent to and from your computer can be intercepted and read by someone nearby. Prevent this from happening by only logging onto a secure network using WEP or WPA (only use WEP if WPA is not available). If this is a home wireless network, make sure it is secure.

Friends house

Be concerned when logging into an account on a friend's computer. A computer or network you are not familiar with could intentionally or unintentionally log usernames and passwords. Finally, when logging into any site on a friend's computer, never save the password information on their browser.

Use an alternative browser

Older versions of Internet Explorer are notoriously insecure. If you are using Internet Explorer as your browser, consider an alternative browser such as Google Chrome or Mozilla Firefox. If you are running Windows 10 and want to continue to use a Microsoft browser, consider using Microsoft Edge instead of Internet Explorer.

Be aware of those around you

While at work, school, library, or anywhere that has people around who could look at the monitor, be cautious of anyone shoulder surfing. Someone could watch you type in your password, which would give them access to your account.

If you need information displayed on the screen to remain private, consider a privacy filter for the display.

Update Internet browser plugins

Often many attackers find security vulnerabilities through browser plugins, such as Adobe Flash. Make sure all installed Internet plug-ins are up-to-date.

Secure saved passwords

Make sure to store passwords and login information in a secure area. Never write login information on a sticky note or in a text file that is not encrypted.

To save your passwords, we recommend using a password manager, which stores all login information and securely encrypts and password protects that information.

When saving password information in a browser, it may be visible to anyone who has access to your Internet browser. For example, without a master password setup in Firefox, anyone can see all stored passwords.

Protect yourself against malware, spyware, and viruses

Protect your computer from viruses by installing an anti-virus program on the computer. If you do not want to install anti-virus protection and your computer is running a newer version of Windows, at least have Windows Defender running on the computer. Also, having a malware protection program on the computer, such as Malwarebytes, is also a good method of protecting your computer against malware and spyware.

Verify the checksum of downloaded files

If you've downloaded a program from a website that also lists a file checksum, make sure the checksum matches the file that you've downloaded. Verifying the checksum of a downloaded program can help verify that the program you are installing is what you want to install.

How to verify the checksum of an installer file.

Use a third-party service to confirm the safety and security of a page

We recommend the free Web of Trust (WOT) tool to verify the safety of all websites on the Internet. If you or anyone else using your computer happens to visit a site that has been marked by the community as not being safe, you'll receive a warning.

Related Articles:)

• How to prevent unauthorized computer access.
• Protecting children from harmful material and people on the Internet.
• Is online banking safe?
• How to protect my webcam from being hacked.
• How do I know if my computer has been hacked?
• How can I be anonymous on the Internet?
• How does a computer get infected with a virus or spyware?
• Top 10 computer mistakes beginners make.

Read More