How much do you value your privacy and security online? Have you considered what would happen if your online accounts got hacked?
Think of it this way – it would be easy to have a single key for your house, car and letterbox, yet it wouldn’t be very secure
Love them or hate them, passwords have become an important part of our online lives and although rarely appreciated, their importance is often only recognised when things go wrong. So how should you be working with passwords to protect your online accounts?
First, you need to create a unique password for every important account you use, especially e-mail and online banking. Don’t use passwords such as Password 1 or anything that is too simple – rather, use alphanumeric passwords.
The longer a password is, the harder it is to guess or crack. Adding numbers, symbols and mixed-case letters into the mix further reduces the chance of getting your accounts hacked.
Every password has to be unique. Think of it this way – it would be easy to have a single key for your house, car and letterbox, yet it wouldn’t be very secure. The same applies to your accounts’ passwords. Also, avoid re-using old passwords and regularly update the passwords to your most important accounts.
To help yourself remember your passwords, create an acronym from a piece of information which is easy to remember for you.
Store your passwords in a safe place. Whatever you do, don’t write them down on sticky notes and affix them to your monitor or anywhere else. If you tend to forget passwords, make sure there’s a way to recover them safely.
Managing your passwords
Managing strong passwords can be challenging and the most suggested solution is using a password manager, such as Lastpass (www.lastpass.com) or Roboform (www.roboform.com), where you can store all your passwords (locked behind a master password) and which offer a browser extension for easy log-ins.
Although this is a popular and handy method of managing passwords, it’s still not the most secure. Once your master password is hacked, all your accounts are exposed. If there’s one password which needs to be strong, it’s this one.
Another option is storing your passwords on an Excel sheet. Should you choose to create an Excel sheet with passwords to manually copy and paste into your browser, set a strong password on that sheet and do not name the sheet in a way that makes it obvious what its precious content is.
Setting a password on an Excel spreadsheet is easy – when you Save As, click Tools > General Options. You’ll find that menu right next to the Save button in Excel 2007 and 2010. In Excel 2013 you’ll find the option Protect Document > Encrypt with Password in the Info tab of the File menu.
Google account passwords
If you’re like me, your Google account plays an important part in your online life, not just for e-mail, but also using it on your smartphone (particularly if you own one running Android).
To add an extra layer of security to your Google account, you can use the two-step verification. This tool, offered free of charge, sends an SMS to your verified mobile phone with a code, which is requested after you log in to your Google account with your regular user name and password. Don’t worry, you can set an option to allow access from the computer and browser you’re using for a longer period of time, so you won’t have to retrieve this code every time you want to log in.
Setting that option won’t help secure your password much on computers with multiple users in your household, though it makes a big difference to protect against unwanted access from anywhere else.
Protecting your smartphone-connected accounts
Your phone is another potential chink in your account armour. If left unlocked, there’s no easier way for someone to access your personal data than through your phone, either when left unattended, or worse, when it gets stolen.
Besides inbuilt passwords and other security features most smartphones offer nowadays, remote lock functionality is an option which can be applied on most major brands such as Samsung and HTC, and iPhone (through its online iCloud platform). In case of theft, you can log in to an online application to remotely bar access to your phone, provided it has internet connectivity.
To protect your Google account specifically, you can also use application-specific passwords. These passwords can be generated when logged in to your Google account and need to be set only once on your phone. If your phone gets stolen, simply log in to your Google account from anywhere and revoke the password issued for your phone. Any attempted access to Google account-connected data on your phone will then be blocked.
The future of passwords?
No matter how much time you spend on creating strong passwords and managing them in the most secure manner, you still won’t be 100 per cent safe. Vulnerability doesn’t just depend on your own approach – it’s also the security of account providers which could be lacking.
A prominent and popular website such as Linkedin, for example, was hacked less than a year ago, while Evernote, a popular note-taking tool, was hacked earlier this year.
Such incidents result in millions of account user names and passwords (and the data they safeguard) becoming public domain and a free-for-all for anyone with malicious intent.
According to a recent article published on Wired.com, Google is looking into alternative ways of making account authentication easier and more secure, and hope to make passwords a thing of the past.
A company called Yubico produced small USB-connected authentication devices which got Google’s attention. This device, called Yubikey, works like a fingerprint reader, unlocking your PC or device like a car and automatically allowing sites (or browsers in the case of Google’s Chrome) to log in based on stored password data.
Not only is it a much more secure alternative for a master password (in the case of password management tools such as Last Pass), it also removes the threat of phishing.
Christina Goggi is a web marketing content specialist and a regular blogger on various technology websites.