If you’re still using your pet’s name, followed by your date of birth and an exclamation mark as your password, please, for the love of god, change it immediately.
While terrible passwords give us all a bit of a giggle, the consequences of using a bad password could be pretty catastrophic (sorry to be so dramatic). We’ve wrangled together six tips for better password security, let’s run through them
5 tips for better password security
Let’s start with the length. Length matters, folks.
1. It’s all about the length
Complex is out, length is in. Historically, policies encouraged you to create complex passwords composed of lowercase and uppercase letters, numbers and symbols and it felt like they wanted a hieroglyph and the blood of your first-born child, too. But, unfortunately, these types of password recommendations have been rendered inadequate. Fun fact: in December 2021, the World Economic Forum reported that an eight-letter password containing one uppercase letter could be cracked in as little as 22 minutes.
So instead of Spotthedog1!, aim for something like iL0v3mylA8rad0r$P0t.
If that’s too hard for you to remember, here’s our guide on password generators and how to use them.
2. Multi-factor authentication
This one requires some non-lazy behaviour – supplement passwords with multi-factor authentication (MFA, sometimes called 2FA for two-factor authentication). The reason is, no matter how schmick your password is, super important stuff like email or banking should have a little more protection than a different way to say you love your dog.
MFA/2FA requires a minimum of two types of authentication, typically consisting of ‘something you know’ (e.g., a password), ‘something you have’ (e.g., an authenticator app or cyber token) or ‘something you are’ (e.g., biometrics). The ‘something you are’ is the best type, as biometrics are super individual.
Here’s a little more information on MFA.
3. Don’t store passwords in your browser
We all do it. It makes signing into everything a lot faster on your browser. But while this option may seem convenient, it is poor password management. We delve a little deeper into the issues with storing passwords in your browser over here, but the TL;DR is that threat actors could access these saved credentials by manipulating cookies to steal credentials or stealing the actual device.
Password management solutions such as KeePass or 1Password securely store and encrypt passwords and passphrases, making it far more challenging for a threat actor to gain access to them, so they’re worth looking into.
4. Write them down
OK stick with me here. If you have 15 different passwords for 15 different sites (you should), it can get overwhelming trying to remember them. If you write them down in an unassuming book and keep it somewhere in your house that no one knows where or what it is, it’s an easy way to use super complex passwords and not have to reset them every time you try and log in somewhere. Chances are a hacker isn’t even in your country, let alone your state, and if someone breaks into your house, they’ll be more interested in your car keys and TV than your random book in your wardrobe containing passwords for your Instagram or Netflix.
5. Don’t tell anyone
The fifth and final recommendation is to not tell anyone what your passwords are. Not even your dog Spot.
If you want to practice better security hygiene as a whole, check out our complete guide to not getting hacked.
This article has been updated since it was first published.
The Cheapest NBN 50 Plans
It’s the most popular NBN speed in Australia for a reason. Here are the cheapest plans available.