Password security has changed a lot in recent years. As computers get faster and hackers get smarter, we've had to adapt in order to keep our data and accounts secure. So here are a few tips to help you stay secure and not get hacked.
1. Longer is more important than complex
What I mean is that the length of your password matters more than the special characters or how complicated it looks. Aim for something 12-20 characters long.
This cartoon perfectly illustrates this idea.
*Credit: XKCD: https://xkcd.com/936/
**TMW note: Please make sure your password does not exceed 20 characters or you will not be able to login to TMW
2. PassPhrases are better than Passwords
Like the cartoon describes, don't use a single word with some crazy characters because it is actually easy to crack but hard for you to remember. What most experts recommend are PassPhrases. Select 3-4 unrelated words that you can remember or a quirky phrase and use that as your password. Add any upper case, numbers, or characters that the website requires and rest easy knowing you have a very secure passphrase. It also helps if one of the words is in another language to help protect from a dictionary attack.
3. Never Reuse a Password
It's very important for every account to have it's own password. This way, if you have a breach, none of your other accounts will also be compromised.
BUT... You may be looking at all this and thinking it's impossible. There's no way I can memorize 30 Passphrases that are 12-20 characters in length. And you would be right. It's also very dangerous to have those passwords typed in a digital file on your computer. So what should you do?
4. How to Remember These Passwords
The Easy & High Tech Option: Only remember 1 password by using a password manager. You remember one really good and secure master password and the online/app tool remembers all your other passwords. Here are 2 good managers. Paid option. Free option.
The Low Tech Option: A physical notebook that you lock in your desk. This one is good.
The Other High Tech Option: If you wish to use a thumbdrive-type device, we recommend Yubikey. NEVER keep a digital document full of passwords even if it's on a thumbdrive. Any time that file is open on your computer, it could potentially be accessed or stolen and then hackers have all your passwords.
5. 2FA - 2 Factor Authentication
You have seen this in action if you have ever used the Authenticator app to sign in to your FirstFleet Microsoft 365 account. This is one of the best ways to stay secure and we encourage you to turn on 2 factor authentication for any and all personal accounts you can.
For more information on creating a secure password, click here.