The other day I mulled over how many websites I have actually “logged into” and the number is daunting. From my personal banking to my New York Times subscription, I have probably logged into hundreds of websites. Some are as simple as logging in with the help of Facebook, where others require the dreaded six plus character passcode. The task of changing your account information is a necessary evil on the to-do list, but finding the time is another thing-however, you know as well as I do that this task is essential in order to protect your privacy.
With the recent news that a group of Russian cyberpunks have stockpiled some 1.2 billion username and password combinations, AZ Tech Beat thinks it’s time to review the best ways to protect yourself online and lock down that password.
Hold Security, a Milwaukee firm, has a history of uncovering online security breaches and describes this most recent infringement as “the largest known collection of stolen internet credentials.” Hold Security told the New York Times that around 420,000 websites were invaded by the Russian hacker ring, but did not identify the names of the websites because of nondisclosure agreements.
Read: How to play hide-and-seek online – tools to protect your privacy
So, now that you are going to actually change the passwords, what’s next? We’ve gathered seven solutions released by the Associated Press to not only change your passwords, but to fortify them:
- Make your password long. The recommended minimum is eight characters, but 14 is better and 25 is even better than that.
- Use combinations of letters and numbers, upper and lower case and symbols such as the exclamation mark. Some services won’t let you do all of that, but try to vary it as much as you can. “PaSsWoRd!43” is far better than “password43.”
- Avoid words that are in dictionaries, even if you add numbers and symbols. There are programs that can crack passwords by going through databases of known words. One trick is to add numbers in the middle of a word — as in “pas123swor456d” instead of “password123456.” Another is to think of a sentence and use just the first letter of each word — as in “tqbfjotld” for “the quick brown fox jumps over the lazy dog.”
- Substitute characters. For instance, use the number zero instead of the letter O, or replace the S with a dollar sign.
- Never reuse passwords on other accounts. One exception is when a website prompts you to login with your “Facebook” account – this is fine as long as you make sure your Facebook account information is secure.
- Some services such as Gmail even give you the option of using two passwords when you use a particular device for the first time. The service will send a text message with a six-digit code to your phone when you try to use Gmail from an unrecognized device. You’ll need to enter that for access, and then the code expires. It’s optional, and it’s a pain — but it could save you from grief later on. Hackers won’t be able to access the account without possessing your phone. Turn it on by going to the account’s security settings.
If you have any reason to believe that your online accounts are at risk, change your passwords immediately! Stop being lazy and carve out some time to change at least 10 passwords a day. Trust me, it’s worth it.
Contributions from the Associated Press