On occasion of World Password Day to be observed tomorrow, Thursday, 06th May, McAfee shares advisory from Raj Samani, Chief Scientist and McAfee Fellow.
“When it comes to online safety, password hygiene has never been more relevant. Over the past year alone, we’ve seen a massive surge in online activity, with the pandemic leaving many Indians reliant on conducting daily activities such as shopping and banking online.
Passwords are of course a key part of our digital lives, enabling people to gain quick access to a variety of online platforms, accounts and devices. However, it can be easy to take them for granted and forget the basics of password hygiene during our busy lives, particularly now as we have so many accounts to keep on top in order to get on with our day-to-day activities.
Passwords which include personal information, such as your name, or pet’s name, make them easier to guess. This is especially true when we share a lot of personal information online, making it easier for online criminals to make guesses about your password. You should also never share a password, even with a close relative. While this may seem harmless, sharing these details could result in critical personal information falling into the wrong hands. In fact, McAfee recommends changing your passwords about every three months at a minimum. This is so that if a password has been shared or compromised, the safety of your online information has a higher chance of being kept safe by making this change.
World Password Day is an excellent time to highlight the importance of password safety to consumers. But it is just as important to ensure password hygiene remains top of mind at all times and not just for one day. We’ve shared our top-tips and tricks below.
McAfee’s top tips for creating secure passwords:
- Password sharing – passwords should never be shared with anyone else, even trusted family and friends. Sharing a password could result in critical personal information falling into the wrong hands. McAfee advises against this and encourages consumers to keep all passwords to themselves. Even more importantly, never share a password over text, email, or any other online communication channel.
- Keep it impersonal. Passwords that include personal information, such as your name, address, or pet’s name, make them easier to guess. This is especially true when we share a lot of personal information online. But, you can use personal preferences that aren’t well known to create strong passphrases.
- Never reuse passwords. If you reuse passwords and someone guesses a password for one account, they can potentially use it to get into others. This practice has become even riskier over the last several years, due to the high number of corporate data breaches. With just one hack, cybercriminals can get their hands on thousands of passwords, which they can then use to try to access multiple accounts.
- Employ a password manager. If just the thought of creating and managing complex passwords has you overwhelmed, outsource the work to a password manager. These are software programs that can create random and complex passwords for each of your accounts, and store them securely. This means you don’t have to remember your passwords – you can simply rely on the password manager to enter them when needed.
- Employ multi-factor authentication. You can double check the authenticity of digital users and add an additional layer of security to protect personal data and information.
Tricks include:
- Try making your password a phrase, with random numbers and characters. For instance, if you love crime novels you might pick the phrase: ILoveBooksOnCrime
- Then you would substitute some letters for numbers and characters, and put a portion in all caps to make it even stronger, such as: 1L0VEBook$oNcRIM3!
- If you do need to use personal information when setting up security questions, choose answers that are not easy to find online.
- Keep all your passwords and passphrases private.
- Use unique passwords for each one of your accounts, even if it’s for an account that doesn’t hold a lot of personal information. These too can be compromised, and if you use the same password for more sensitive accounts, they are also at risk.
- If a website or monitoring service you use warns you that your details may have been exposed, change your password immediately.”