When I meet new customers, I often notice that their password security could use a little help. I’d like to share some thoughts on how to keep your passwords – and your online presence – secure.
Password security is your first line of defence against cyber threats. But let’s be honest: managing multiple complex passwords can be overwhelming. Many people resort to storing their passwords in a Word document named ‘passwords.docx’. While it might seem convenient, it’s also risky. What happens if that file gets stolen or you lose it due to a system crash?
I want to keep this a short read for you, so I’ll cover two important topics as quickly as I can.
- Checking if your email address or password has been compromised.
- Creating fantastic password hygiene.
Checking if your email address or password has been compromised.
Your data is valuable to you, and it’s also valuable to those who would want to exploit it for financial gain. They will try to get hold of your username, email address, or password by various nefarious means. This might be a ‘phishing attack’ where they will target you with bogus emails, or they may attempt to gain direct access to the servers and computers holding your account details.
Unfortunately, from time to time they are successful.
The good news is that there are tools available to alert us in the event that our account information is compromised.
Each of these services allows you to enter your email address, and they will then scan their database to see if it has been listed in a data breach. If it has, then you should immediately change that password and enable two-factor authentication.
Creating fantastic passwords
Many times, when working with folks, I see that moment when a new password needs to be created. I can literally see cogs stop turning when I say those magic words, “Ok .. now we need to create a new, strong, unique password.” More times than not, I hear this chilling reply, “Yeah, let’s just use something simple for the moment…”
This is because we simply don’t have a script in our brain of how to create a strong and unique password which we can remember. Well .. we don’t need to remember it if we are using a password manager, but you know what I mean. 😉
If you do have a password manager in use, then this will of course also create a password for you. For those moments when you need to create one yourself, do this.
- Look around the place where you are. What’s the first thing you see? A bottle? Ok. Remember bottle.
- Look around again. What’s the colour of the next thing you see? Purple? Cool. Remember purple.
- What’s the time? 10:43? Cool.
There you go. Your new strong and unique password could be: bottle-purple-1043.
According to a password entropy (complexity) calculator, this is a very strong password.
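The recipe above as an added Python example (not part of the original post): it picks the object, colour and time with a cryptographic random source instead of a glance around the room, and estimates strength two ways, by the recipe and by character count. The word pools are constructed samples and the 37-character alphabet is an assumption.

```python
import math
import secrets

# Constructed sample pools; a real list should be far larger
# (for example a few thousand common nouns).
OBJECTS = ["bottle", "lamp", "kettle", "window", "pencil", "carpet", "guitar", "mirror"]
COLOURS = ["purple", "green", "orange", "silver", "yellow", "crimson", "black", "white"]
MINUTES_PER_DAY = 24 * 60  # every HH:MM value from 0000 to 2359


def generate_password(objects=OBJECTS, colours=COLOURS, sep="-"):
    """Build an object-colour-time password using the OS CSPRNG."""
    obj = secrets.choice(objects)
    colour = secrets.choice(colours)
    minute = secrets.randbelow(MINUTES_PER_DAY)
    clock = f"{minute // 60:02d}{minute % 60:02d}"
    return sep.join([obj, colour, clock])


def recipe_entropy_bits(n_objects, n_colours, n_times=MINUTES_PER_DAY):
    """Bits of entropy when each part is chosen uniformly at random.

    This is log2 of the number of guesses needed to cover every
    combination by someone who knows the recipe and the pools.
    """
    return math.log2(n_objects) + math.log2(n_colours) + math.log2(n_times)


def charset_entropy_bits(password, alphabet_size=37):
    """Estimate used by simple calculators: length * log2(alphabet).

    37 = 26 lowercase letters + 10 digits + the hyphen (assumed alphabet).
    """
    return len(password) * math.log2(alphabet_size)


if __name__ == "__main__":
    print(generate_password())
    print(round(recipe_entropy_bits(len(OBJECTS), len(COLOURS)), 1))
    print(round(charset_entropy_bits("bottle-purple-1043"), 1))
```

With pools of 2,048 words each the recipe estimate rises to about 32.5 bits, so a larger pool or an extra word adds more strength than extra punctuation does.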
XKCD has a fantastic comic on this topic, and I refer folks to it all the time.
Managing your fantastic passwords!
Now that we have our very strong password, we need to store it somewhere. Because we have so many accounts, folks will reuse the same password all over the place. Don’t. Each account should have its own password. This might feel overwhelming. To give myself peace of mind, I use two tools:
KeePass
With KeePass, you can
- Generate strong, unique passwords for every account.
- Store passwords securely, accessible only to you.
- Autofill your credentials securely into login forms. I personally use KeePassXC, a version of KeePass that includes browser integration, making it even easier to manage passwords seamlessly.
- Create a One Time Password – A single use password used in two-factor authentication.
Using Dropbox or a similar service, you can access your passwords on any device.
Apple Passwords
“Passwords” is an app which is built into Apple’s iOS, iPadOS and macOS operating systems. It syncs via iCloud so all your passwords are available to all your devices which are signed into that iCloud account.
As well as all the benefits of KeePass it also:
- Automatically syncs your credentials to iCloud
- Notifies you of any security issues with your passwords, such as whether they have been breached or reused.
- Securely share a password with a trusted person – I’m 100% against sharing account passwords. But what this does allow you to do is create a unique password for someone else, and then share that securely.
Want to find out more?
Book a free 30 minute session with me today using this appointment link and let’s get your passwords and accounts as safe as they can be!