The Importance Of Secure Passwords

The importance of online security is underestimated by the average user, and that’s why I've put together this guide on the importance of secure passwords online which can help you protect and guard your digital accounts, which are essentially your digital identity. You’d keep your passport, driving license, or other ID card safe – the same rules apply to online identities!

TL;DR

Create secure, unique passwords with a password manager, ensuring you don't re-use passwords. Add extra security by purchasing a security key!

A little bit of background

My friends and family say I’m paranoid when I tell them my passwords are a minimum of 24 characters long, and usually longer than that – I explain to them a secure password is required to maintain privacy and security, since the Internet can expose your personal and sensitive information if you are not careful. ‘How do you remember such long passwords?’, they ask. Do I have many different long passwords? What if I forget a password? The simple answer is - I use a password manager.

Everyday tool composition
Photo by Dan Nelson / Unsplash

How To Avoid Being Vulnerable Online

Online security is a real concern for anyone and everyone who has digital accounts on multiple websites. You may have registered an account for something and only used it once, perhaps to redeem an offer or to download a particular app.

The data you provided during registration, such as your name, email address, password and possibly your personal information (date of birth, address and mobile number) is sitting somewhere in a database. If it is an unsecure or vulnerable database, it makes it very easy for attackers to gain access to it and for your information to be leaked, and could potentially lead to one or more of your accounts being compromised.

For example, if you use the same email address and password combination for several online accounts - including important and regularly used platforms such as your email, banking apps/websites, or Netflix - this means the attacker could potentially gain access to these accounts using that same email and password combination.

This is why it is vital to not reuse passwords. If all the house doors on your street could be opened with one key, why would you not think about changing your locks? You definitely wouldn’t want someone else snooping around in your home and your online accounts are no different.

How To Create A Secure Password

Creating a secure password can be challenging for some users. Websites often recommend generating a password which meets a certain criteria and this can be difficult to do.

Password Tips

When you are unable to use a password manager, my advice is to always pick a combination of a few memorable things, such as nicknames, dates, places, and manipulate the way they are written.

For example, if your chosen memorable things were Ferrari, 2019, and Watermelon, you could combine and manipulate them to become ‘Ferr@ri2k19H2OMelon’ – notice how:

  • the ‘a’ in Ferrari has been replaced with the @ symbol
  • the year 2019 has been abbreviated as 2k19
  • the word ‘water’ in watermelon has been replaced with H2O (still water)

This creates a better password than ‘Ferrari2019Watermelon’ because of the additional capital letters and the special character ‘@’. This password would be less vulnerable to a dictionary based attack, since the former contains common words.

IMPORTANT: don't re-use passwords! Read on to find out why you may never need to remember passwords...

How To Store Passwords Securely

Creating strong passwords is one thing, remembering them is another. As mentioned previously, we actively advise against keeping the same passwords across your digital channels. However, how do you remember all of these passwords?

I recommend using a password manager. There are several options available, but I personally use and recommend 1Password. Here are some of the features:

  • Accessible on all platforms (Windows, iOS, Android)
  • Autofill password options in browsers and apps
  • Store and organise login information into 'vaults'
  • Ability to share login details with family/friends
  • Built-in password generator
  • Ability to add 2FA to most applications/websites
  • Inexpensive monthly cost (around £3.69 per month per user)

By storing your passwords on a secure platform, you can control and keep track of all your accounts in a simple yet safe way. Whether you are looking for a password storage system for personal, freelance or business use, they are vital for keeping account details safe and at less risk of being compromised.

Enhancing Your Security

Ever heard of a security key? It's a magical little device that is an additional layer of protection, and is a form of MFA (multi-factor authentication) aka 2FA (two-factor authentication). Similar to how you'd enter a 6 digit code generated by an authenticator app, a security simply needs to be connected to the device you are logging into an app/website with, and you have to touch the key to authenticate yourself. This means you don't need to use an authenticator app if you have a security key!

A lot of popular applications/websites will support a security key as an additional MFA method, although less known applications/websites may not.

I recommend the Yubico YubiKey 5 NFC - I personally use this and it's a great little device. It also works with my phone using NFC so I can keep my security key on me when I'm out and about. You can also check out these 3D printed desktop holders I've designed and 3D printed for this particular security key model - they make desktop access super easy! If you have a 3D printer you can download the STL on Thingiverse and print it yourself.

Summary

So, we've talked about creating secure passwords, avoiding being vulnerable online, using a password manager, and enhancing security with 2FA.

Stay safe, stay secure, be alert, and don't get trapped! If it sounds too good to be true, it probably is!