So, you followed what the experts say and set “5z@H8w$0f$yj^k” as your password then saved it to your SuperSecure password vault. But what do you do when your entire vault is stolen?
Storing your passwords outside of your brain always adds some risk to the passwords being stolen. However, for most of us, we need a tool to track many strong passwords that doesn’t involve sticky notes. Password managers are great at this, and the benefit outweighs the risk of (re)using weak passwords.
Let’s talk about more ways to keep your online lives secure.
- 2FA / MFA
Two Factor Authentication forces one to provide something else in addition to the password to log in. Unless you’re logging in, do not approve your 2FA notification, or share the code with someone else.
- Unique passwords
Don’t reuse password. Using the same password for multiple systems increases your risks because it means one compromised password is valid at another platform.
Did you know white space is a special character? Instead of trying to add a “!” at the end of your password to meet the complex password requirement (Pro Tip: Bad guys already know this trick), try making it a clause: “Extra hot iced latte for orange zebra.” 38-character-long passphrase with Upper, lower, special characters, and a memorable image.
- Partial storage
When storing your password online, you might abbreviate the data so that in case of compromise, copy-paste of the version won’t be valid. For example, you might store “Extra HI latte for oz.” instead.
Data breaches are slowly becoming the new stolen bank card numbers. It’s happening more often, and we don’t freak out as often at the news. Data dump from one compromise is often used in scam attempts. Remember, no matter how compelling the person on the other end sounds, a legitimate business (or government agency) will never ask for payment in gift cards.