- Change passwords frequently
- Don’t share your passwords with anyone
- Don’t write it down
- Add symbols and upper lower plus alphabets and numbers
Security experts feel the world is very different now and while we should still stick to the general recommendations for passwords, there are some things we can let go of.
Change password often? Not really!
Experts believe doing so causes one to choose easier passwords and make only subtle changes which are easy for a hacker to guess. You must change your passwords if you feel you are compromised and there are various tools available for you to be alerted if the password is compromised. Use of 2 factor authentication is also a good idea which will help if your password does get compromised.
Choose complicated non dictionary words with capital and small alphabets and numbers? @#$$@$ Nah..
This rule is difficult for most users and it’s now recommended to use 3-4 non-associated words, e.g. both RedBoatChipPeppers and Red8oatChipPepper$ are good examples of new recommended strong passwords, go for long phrases rather than short passwords. The longer the password the more difficult to crack. Aim for 16 and above characters
Don’t write it down? What??? Boring….
The biggest threat many years back was from people around you which is not the case anymore with the biggest threat now no longer in your local environment but rather from hackers. We do recommend password managers but if this is too complicated you can write down your password and keep it securely under lock and key. Experts believe that this change will help people adopt more complicated passwords or and choose totally different passwords rather than subtle changes.
Don’t share your password? Yeah right! Explain that to my girlfriend!!
Experts believe that the modern world where online activities are no longer restricted to personal banking or personal social, but rather family/friends/partner will have a single amazon or food delivery or Netflix account sharing is common, there is risk but we have to accept that this is something people will continue to do. Hence focusing on explaining how these accounts should be shared is important as well. Having 2 factor authentication means you are aware each time this happens. Additionally keeping your passwords different from what you consider your personal account and what you consider shared. Its also important for people to understand the scope of the access details. Sharing your google account with someone to upload a YouTube video also means they have access to your Gmail and google drive and maybe even your phone and laptop content if they are synced.
What else should we follow?
In all the above cases, adopting 2 factor authentication will make your account more secure. This is a very important step to ensure a more secure authentication.
These recommended guidelines are for general purpose accounts and are not applicable to corporate/work/govt or any other area where specific secure guidelines are recommended by these bodies. These guidelines are for personal accounts.
Please refer to the following article for more details