When it comes to password management, common sense can sometimes be overshadowed by human nature. Despite our best intentions, we often fall into patterns that increase vulnerability to data breaches and weaken our cybersecurity. Strong password practices go a long way toward protecting personal and company info while making your passwords safer and easier to create, store, and recall. Here are our top 10 password tips and tricks to protect yourself:
Check out our personal password manager plans or get started with a free business trial.
We established our list of password security tips by reviewing what can happen when passwords are weak, disorganized, or unencrypted. Among other benefits, a strong password:
Our top 10 password tips and tricks can keep your information and devices safer and might even make your computing life a little easier:
1. Make your passwords long: Increasing password length is among the most important password security tips. The logic behind longer passwords is simple—each time you add an extra character, you increase the number of possible combinations, along with the time it would take an attacker to decipher the password. Just going from 8 to 12 characters makes it nearly impossible to guess a password based on random, computer-generated combinations.
2. Avoid common phrases: What do we mean by common phrases? Dictionary words like password, monkey, dragon, and princess are among those commonly used as a password (or part of one). Not surprisingly, these simple words, along with basic patterns like abcd1234, are also easy for others to guess. Numerical passwords like 123456789 are even less secure since there are only ten available characters.
3. Don’t use personal info: Most of us are guilty of this occasionally. After all, it’s much easier to remember your parakeet’s name than some random combination of numbers and letters. Addresses and birthdays are other examples of personal information that people convert into passwords to make them easier to remember. Since this identifying information can often be found on the web, leave it out of your passwords.
4. Use a mix of characters: Using a variety of symbols in your password, including uppercase letters, lowercase letters, numbers, and special characters, is another good way to strengthen password security. Since there are no set rules for arranging the symbols, try inserting special characters and uppercase letters into the middle of the password, not just the beginning or end. But while you may think it’s clever to replace common letters with symbols, l!k3 th!$, be warned: cybercriminals are wise to this tactic, so it won’t actually slow them down any more than regular words will.
5. Never reuse passwords: The volume of accounts and passwords we maintain can lead us to reuse passwords to make them easier to remember. Duplicate passwords weaken cybersecurity by exposing multiple accounts if even one password is compromised. Dashlane’s Password Health score feature identifies and grades your reused, weak, and compromised passwords and provides you with recommendations to instantly improve your score.
6. Never store passwords in an unsafe place: This tip refers to unsafe physical locations as well as risky virtual locations that may not be quite as obvious. Passwords stored in desk drawers or written on sticky notes can easily be lost or fall into the wrong hands. Passwords stored electronically in spreadsheets, Slack accounts, or web browsers are also vulnerable since none of these methods typically use encryption to protect stored passwords.
The best way to store passwords at home or at work is to use a safe password manager to create and store complex, encrypted passwords on secure external servers, where they are always protected from hacks and data breaches.
7. Only change your password when you need to: Changing passwords too often can make them less secure. Why? Because too-frequent password changes might result in only minor changes to existing password(s). NIST digital identity guidelines explain that these small changes have little value since attackers can apply the same transformations. NIST recommends establishing controls to screen out weak or compromised passwords instead. Unnecessary password changes can also create hassles for IT teams, with employees in the set-forget-reset loop often locked out of their own accounts.
8. Use 2-factor authentication: 2-factor authentication (2FA) uses a second credential, such as a code sent through an app or e-mail account, to further verify user identity at login. Some 2FA and multi-factor authentication (MFA) techniques use biometric identifiers like fingerprints or facial recognition. This extra security step lands among our top password tips since it makes it nearly impossible for an intruder to access your accounts without having your device in their possession.
9. Use a VPN on public WiFi: When you log into a public WiFi network without the protection of a virtual private network (VPN), your information can be intercepted. A VPN service encrypts the data going into or out of your device and routes it through a secure portal, making it easier to protect your passwords and personal information on public WiFi networks.
10. Only share passwords securely: Password sharing is a common practice for many retail, subscription, and workplace accounts. If anyone you have shared a password with is impacted by cybercrime, your identity and information become vulnerable as well. The best password managers include encrypted portals for password sharing that allow you to transfer private information easilyly without sacrificing privacy or increasing vulnerability to hacking.
Dashlane’s password management solution makes it easier to follow the top password security tips. With Dashlane, you can create strong, random, and unique passwords, then store and autofill them securely. Standard features, including 2FA, password health scoring, a secure password sharing portal, and 256-bit AES encryption, take the guesswork and legwork out of password protection. Additional VPN and Dark Web Monitoring services bolster password security at home, at work, or on the road.