Christmas ball

Author: Marcelo Pedro, Web Designer/Developer.

 

When it comes to online security, no matter how good you think your passwords are, stats prove that these are always our weakest link (for we are lazy humans after all).
With that in mind, we’ve gathered 5 tips to hopefully help you improve that, and make sure that yours will be as hard to crack as a nut (… sorry).

 

Michael Scott reacting in disagreement gif

1- Never, NEVER Use The Same Password:
I can almost picture some of you rolling your eyes at the sight of this one (please bear with me though), but I cannot stress enough how important this is.
Picture the following:

you think that you have an amazing password that would take an infinite amount of years to crack, so you use it all over the place.
Now the problem is that some companies could not care less about your online security and store your passwords in plain text (saving a few quid by doing so), and BAM; they’re hacked!

Following on their chain of good decision making, they realise about it but trying to save face and preventing investors from backing-off, they keep it a secret from everyone (including you), and instead of acting by immediately changing your “awesome blossom” password, you know none of it and carry on using it everywhere.

Now the hacker(s) have your “unbreakable” password at their mercy, and before selling it for a few pennies (or even for free), they try their luck with any other account connected to your email address and… well, from then on, may God be with you.

So remember to not only use multiple passwords, but to also change them every now and then, and if you happen to struggle to come up with new ideas, we are here for you, my friend, so stay with us and just keep on reading.

 

Cat laying on small box gif

2- Use A Password Manager:
Being a very personal choice, I won’t really insist on this one, however, I highly recommend that you use one.

A password manager keeps all of your passwords for you in a single vault safely encrypted, so that even if hacked, they are almost impossible to see without the decryption key.
And guess what?! All you’ll need to remember is that one ‘master’ password to access and unlock the vault (yup, that one single password you so much adore), so it goes without saying that it must be a very VERY good password indeed.

Now of course one can worry that, in the words of Tash watching Love Island, it’s like putting all of your eggs in one basket, and if it falls, they all break… which is a very valid point, and why I do not insist on anyone to do so unless they are comfortable with the idea.

In the end, the real question you must ask yourself is:
“Am I confident that I can remember complicated and different passwords for each website?”
If you are, by all means, do so. Otherwise, it’s better to have a great program doing its job very well, than a human mind being terribly predictable at it.

 

Woman expressing her surprise gif

3- Size Does Matter (dirty minds!):
If I show you two passwords, which do you think is the safest one?
&fs*Gb23%^._ or dog!!!!!!!!!!!!!
The first one?
I see why you might be tempted to think that (I certainly would too), but the second is actually the safer option. You see, the first is a 12 characters password and the second is 16 characters, and in the attempt of a hack, each digit matters.

 

Homer Simpson reading a dictionary

4- Words Are No Worse Than Characters:
There is another misconception that having random characters will protect you better than actual words, such as&673mdJ?DH* being better than NeroLeafOracleTrampolines, but since I wrote about it in such a cynical way, you guessed right: it’s wrong.

The programs trying to break our passwords will start by using logical words associations and popular passwords (which is where the misconception comes from), such as ILoveMyMummy or Password1234, but when choosing random words such as the green example above, it makes it harder to make any sense of it, and gives you a very long password with many characters.

Simple, yet effective! Additionally, mix it with a few numbers and special characters (if desired or required), and/or even different words from multiple languages if you do know some, and you’ll have yourself a good and solid password that’s still easy enough to remember.

 

Sheldon Cooper in agreement gif

5- But Characters Do Add Randomness:
In a perfect world, humans would be random, but the truth is that our minds are constantly trying to make sense of everything, and that prevents us from being very random at all.
So a good way to make a password memorable for us, while being completely random to a machine is to think of a sentence, and only keep certain letters of it and change some bits of it, for example:
Today, I woke up in a really good mood and thought: is it sunny?
(by only keeping the first letter of each word:)
T,Iwuiargmat:iis?

Another way is to replace random letters with numbers and characters resembling that letter, for example:
HostelCupSalsaBear could be H0st3lCup$4l$@B34r

My final example (and this is mainly for those who would still opt out of a password manager) is to have a common core of a password (a solid one of course), and change it slightly accordingly to each website, example:
F4n_T@$h_t!c;
(on Gmail) F4n_T@$h_t!c;GM4emails
(on YouTube) F4n_T@$h_t!c;YT4tasks
(on Facebook) F4n_T@$h_t!c;FB4social
… anyway, you get the idea right?

Note: this method is certainly not as safe as using a different password for each website, but is nevertheless better still than having a single password for all.

 

So there you have it!
I know there was quite a bit to read this time, but I just wanted to use plain and clear examples as to why it is so important to make your passwords safer.
You can also find online resources to test the strength of your password(s), such as How Secure Is My Password.
At the end of the day, we’ll never be 100% safe, but we can always try to get better at it.