How to strengthen your password in 2019
Can you guess what the most popular password was in 2018?
123456 – followed by password.
And both have retained the top spots for the last five years!
Technology continues to advance at pace and 2019 will be no different. Password protocol, if it’s to remain effective, has no choice but to keep up. Whether your current password appears in the popular list or not, our guidelines below can help you create a stronger alternative. We’ll also advise on the ancillary options available, all designed to better protect your personal and business data.
Password vs. passphrase
Because they are typically much longer, a passphrase is, in general, more secure than a password. And as you can use real words, it can still be memorable. We’re talking about a series of random words here. Anything longer than ten characters is a good rule of thumb. And the less sense it makes, the more secure it is.
We recommend capitalising the first letter of each word. It’s an easy edit to remember, and strengthens the phrase – BookDogPillowCup, for example.
We don’t advise replacing letters with numbers, like this – 8o0kD0gP1ll0wCup. Virtually impenetrable, but remembering which letters you’ve swapped might prove tricky in the long run.
A complicated password may seem effective on the surface. But if it’s so complex that it needs to be written down, then you’ve inadvertently weakened your security. Instead, numbers or symbols at the beginning and/or the end are easier to remember, without sacrificing strength – 1BookDogPillowCup2.
Password vs. PIN
Windows Hello is an advanced security tool that forms part of Windows 10. It lets users log in how they like – with their face, their fingerprint, or a PIN. Complementing your password with biometric authentication is a good idea, but what about the PIN?
Something like J1748p$ could be a password or a PIN, so what makes the PIN more secure? It’s tied to the device. If someone stole your password, they could access your account from anywhere in the world, on any device. But with a PIN, the perpetrator would need to steal the device too. In theory, it means no system can be compromised remotely.
If you use Windows 10, Hello is certainly worthy of further research.
2-factor authentication (2FA)
So your password might seem impenetrable? It’s still only one barrier between hackers and your personally identifiable information. 2-factor authentication, also known as 2-step verification, strengthens your defence with an extra hurdle.
It works on the premise that an intruder cannot know every detail required to gain access to your information. They might know your username and password, but they probably won’t know your mother’s maiden name. And it’s unlikely they’ll have your phone, programmed to receive security codes before granting access.
Google Authenticator, for example, is a smartphone app that can send you verification codes whenever you log in to Google and certain third-party websites, whether you have an Internet connection or not. It’s worth remembering, 2FA is only as strong as its weakest link. But any additional layer of security is worthwhile and if 2FA is available, we strongly recommend using it alongside your password.
Putting your browser in charge?
Has your browser ever offered to save your passwords? You may have wondered whether it can be trusted. On the whole, the answer is yes. All the main browsers offer auto-fill functionality, but Safari and Chrome are probably leading the way in terms of sophistication.
Fingerprint authorisation is available. Both browsers can generate strong passwords on your behalf and save them securely. You’ll notice, however, when accessing your full list of saved passwords that two-step authentication is not used. This is something to bear in mind when choosing which passwords your browser can save.
A dedicated password manager
If you have many different passwords that you’re struggling to keep track of, you might consider a password manager. There are plenty of award-winning solutions that are also free. Just make sure you research thoroughly before committing to anything.
Need more help with passwords?
We hope this article has helped improve your password knowledge. But if you have any questions, or would like more detail on the points we’ve covered, please contact us.
Clearwater helps SME businesses in Bristol, Cardiff, and the surrounding areas with IT solutions. We can help on a one-off basis, or provide cost-effective business support that starts from just £20 per user, per month.
If you enjoyed this article and would like to read more – why not sign up to our mailing list? You'll receive all our best advice, straight to your inbox.