How to protect your passwords properly?

Looking back at last 20 years ( I am writing this in 2014), use of systems and passwords has become an unwanted but unavoidable requirement in our daily life. We always require to stay atop of many forms and layers of online protection of our sensitive data. Some examples where we need to use passwords, pass phrases, identifiable pictures etc. are banks,  schools, credit cards, emails, work login, work search, kids account, entertainment, communications, and more and more. As far as the number goes, all these requirements are increasing and as far as complication goes, they are becoming increasingly complicated in nature to use and manage.

20 years back, I had only two account passwords that I had to manage. One email and one bank account. Today I manage over 200 online safety memory chips including for me and for my family! (Wow writing this makes me feel safe! Really..?)

Again, 20 years back I could put in 6 alphabets or numbers and it was considered a safe, secure password. Today, I have to use alphabets in lower and upper case, numbers and special characters with the strength indicators showing strength of the password as we are typing it to understand how strong and safe the password is (In case there is a cyber crime to crack down the passwords.) Many companies will not let me use the parts of my name in the password. Then I have to associate my account to an image and keep the image in mind. Further I have to answer some security questions (typically from 3 to 5). To add even more, every now and then I need to associate and confirm my account with a cell phone number! Then there is separate 4 digit pin for bank ATM’s etc. Even my voice mail has a 6 digit pass-code!

Talk about complexity!

Talk about memorizing!

Is the technology helpful to protect our sensitive data? Yes!

Has the technology complicated the issue and pushed us way more to manage in terms of passwords, security etc? Yes!

So how to manage these complications. Here are some do’s and don’ts for it.

Do’s

1. Use long complex passwords.
2. Generate and use random passwords yourself.
3. Keep your passwords in an isolated safe file. Write if you want. Even better is to spend a few bucks to have a dedicated drive, USB etc.
4. Use limited login attempts at all the allowed institutions. It basically means after 3 or 2 or 4 (whatever the set number is) unsuccessful log in attempts, your account will be automatically disabled and you will have to go either personally or call to prove your ID and then get your account reinstated. It seems annoying in the beginning but it is a great tool to protect your ID in the long run.
5. Answer security questions in a non traditional manner. Example; Name of the first dog. Traditional answer: whisky. Non traditional answer: Ihadnodog
6. Always keep the current back up out of your computer such as in a USB drive.
7. Many experts suggest to use copy+paste rather than typing in the web forms, so follow it when you are logging in.
8. Have a real complex master password for any file that you might be using to store and protect your sensitive information such as passwords, security questions etc.
9. Often change your passwords. Update your record if you are managing it.
10. Always have a working anti-virus program installed. Run the program every few days in manual mode.
11. Delete the accounts you no longer need.

Don’ts

1. Don’t use any online system to save and protect your data. It might be chrome or internet explorer provoking you to ‘remember’ your login information. It might be a service provider tool as Norton protection. I personally call it a third party dependency and it can restrict, corrupt or disintegrate any time. Your passwords and other information is lost without any back up in this case and worst case now all of it can be available to someone else as well.
2. Never use same password for more than one log-in portfolio.
3. Do not use easily guessable passwords such as: abc123, 123ABC, 0123456789, XYZ etc. Cyber crime computers attack through the internet and try thousands of password combinations in a minute. They can easily guess the easy passwords and log into your account. The damage can take a lot to repair in this case!
4. Do not use a computer to generate random passwords.
5. Do not give access to unknown apps through social media.
6. Avoid using public computers in libraries, schools, restaurants, hotels etc. If you do have to use it, un-check the “remember me” option before you log-in and clear up everything after use such as cookies, history etc. Make sure you are allowed to clear it and you are not violating any public institution policy.
7. Sharing a password is usually prohibited so do not share your passwords.

Creating and managing as per these guidelines will help you to protect your accounts and data for a long period.