
Password Management Best Practices

Posted by Dawna M. Roberts in Security, November 04, 2020

In this digital age, we all have dozens of online accounts. With so many to keep track of, it becomes difficult to manage all our passwords to access the resources and websites we need. 

Hackers and thieves are working hard to breach your most intimate details, trying to steal your money, borrow your identity, and wreck your life. How do you stay safe and keep your information out of the hands of cybercriminals? Good password management and other security best practices are the answer.


Password Security Best Practices

According to Verizon, in 2018, 81% of data breaches were due to weak or stolen passwords. Most of those could be decrypted or guessed within minutes. We hear this all the time: many of the most massive data breaches and ransomware incidents were due to someone using a weak password, or clicking a link inside a phishing email and getting infected with malware.

Thankfully, there is a whole list of best practices you can employ to keep your online life safer and more secure against cyber threats.

1. Manage Your Passwords Better

Online security is a big risk for everyone. The more you know about how to stay safe, the better. Follow the tips below for better password and security management.

2. Passphrase Rather than a Password

Create a long, strong passphrase rather than a password. The old standard used to be a password between 8-12 characters long. With hackers getting more sophisticated and much more efficient at breaking them, experts now suggest using a 64-character passphrase and including spaces in it.

3. Two-Factor Authentication

Always sign up for two-factor authentication with all your accounts, especially those that involve money, credit cards, or personal information that can be used for identity theft. Two-factor authentication texts or emails you when changes to your account or new logins occur.

4. Turn on Encryption

If your device or service offers end-to-end encryption, turn it on. The more you can do to protect your data, the better.

5. Never use Real Words

Avoid using dictionary words because hackers have tools that check your password against normal dictionary words. Use nonsense words or passphrases, replacing letters with symbols for the best protection.

6. Never Reuse Passwords on Multiple Accounts

To remember their passwords, most people reuse them on dozens of websites. Credential stuffing is a method hackers use to test passwords they stole from one account on other accounts. So, if you reused yours and the hackers get one, they now have control of all your stuff.

7. Turn on Multi-Factor Authentication

If you have devices that offer biometric verification like TouchID or face recognition, turn them on. It adds another layer of security, so your passwords remain protected. Some websites provide other types of multi-factor authentication. Take advantage of any options you have available to you. 

8. Test Your Password Strength

Microsoft offers a tool where you can test the strength of a password, and it can even help generate better ones for you if yours fails the test.

9. Have I Been Pwned and Other Third-Party Search Tools

You can also check whether your passwords have been breached using websites like Have I Been Pwned and other search engines that compare your passwords with those found on the dark and deep web.
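A breach check does not have to hand your password to the checking site. The sketch below is an added example, not code from this article or from any of the services it names; it assumes the SHA-1 prefix "range" lookup model that Have I Been Pwned's Pwned Passwords service uses, and replaces the network call with a constructed stand-in (`fake_fetch_range`, `CONSTRUCTED_CORPUS` and the counts are made up) so it runs offline.

```python
import hashlib
from typing import Callable, List

SENT: List[str] = []  # records every value that would leave your machine


def sha1_hex(password: str) -> str:
    """Uppercase SHA-1 hex digest, the form the range lookup works on."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def breach_count(password: str, fetch_range: Callable[[str], str]) -> int:
    """Return how often the password appears in the breach corpus (0 = not found)."""
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    # Only the 5-character prefix is sent; the comparison happens locally.
    for line in fetch_range(prefix).splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix:
            return int(count)
    return 0


# Constructed breach data for the offline stand-in; the counts are invented.
CONSTRUCTED_CORPUS = {"password": 1000, "letmein": 50}


def fake_fetch_range(prefix: str) -> str:
    """Hypothetical stand-in for the HTTPS range request; returns 'SUFFIX:COUNT' lines."""
    SENT.append(prefix)
    lines = ["0" * 35 + ":3"]  # unrelated entry, as a real bucket holds many hashes
    for known, seen in CONSTRUCTED_CORPUS.items():
        digest = sha1_hex(known)
        if digest[:5] == prefix:
            lines.append(f"{digest[5:]}:{seen}")
    return "\r\n".join(lines)


if __name__ == "__main__":
    for candidate in ("password", "constructed unlisted phrase 93!"):
        print(repr(candidate), "seen", breach_count(candidate, fake_fetch_range), "times")
    print("sent to the service:", SENT)
```

A non-zero count means the password is already in attackers' wordlists and should be replaced everywhere it is used.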

10. Don't Write Passwords Down on Paper

It may seem obvious, but never write your passwords down on a slip of paper or sticky note. If remembering your passwords is difficult, install a password vault on your main computer and sync it to all your devices so that you have access to your locked-down passwords wherever you go.

11. Do Business Offline

If you have especially sensitive information on a computer or device, keep it offline. Do not connect it to the internet, and you won't have to worry about it being hacked. Do secure it with a strong password, fingerprint, or face recognition lock.

12. Never Share Passwords with Anyone

You may be well-intentioned in sharing your login account with a friend or family member, but you have no idea how they will use the account and what, if any, steps they have taken to secure their computer and devices.

Final Thoughts on Best Practices

Invest in a good password vault/manager to help create good, strong passwords and store them for you, so you only need to remember one. Many of these programs will also evaluate your passwords' strength, perform an audit and alert you when one of your accounts has suffered a data breach, and log into websites for you, so you don't even need to enter a thing. Look for a password manager that offers syncing across all your devices and built-in encryption so you can feel safe opening it on your mobile phone.

Always keep all your devices updated with the latest security patches, install good, robust antivirus/anti-malware software, and run deep scans often.
