The most important tips for password security include choosing long, complex, unique passwords, not storing them in easy-to-hack places and using a password manager.
Unfortunately, most people don’t follow best practices for password security. According to Keeper Security’s 2023 Password Management Report, only 25% of people use strong, unique passwords for all of their accounts. That means 75% of people have insufficient password practices.
The report revealed that one in three people globally feels overwhelmed by password management. If you’re one of those people, read on to learn our top five tips for easy password security that will keep your accounts safe from cybercriminals.
Length is more important than complexity according to the National Institute of Standards and Technology (NIST). It will be harder to crack a 20-character password even if it uses dictionary words than a completely random 6-character password. But, creating a password with both length and complexity is the most secure.
Our free password generator can create a strong password for you in seconds.
Example of a strong password (don’t use this one, it’s no longer secure because it’s public):
Examples of weak passwords:
7b>iCQ (too short)
Blue17Freed!Dry (has dictionary words)
KK8*K?Nr3456 (contains sequential numbers)
How to remember your passwords
Strong passwords are hard to remember, but you can make it easier by using mnemonic techniques, such as using the first letter of each word from a favorite quote with numbers and letters added in (“It was the best of times, it was the worst of times” becomes “iwtBot%72#iwtwot”).
You could also use words with numbers and symbols instead of letters (“dog bone” becomes “D0G#!B0N398”).
One of the most common ways passwords are compromised is through credential-stuffing attacks. This is when one set of credentials is stolen and a cybercriminal uses them to try to gain access to other accounts.
For example, if a data leak exposes your password to your email account, the cybercriminal could then try to use the same credentials to access your bank accounts, retirement accounts, credit card accounts and so on. However, if you used unique passwords for each of your accounts, then only one account will be compromised.
It’s important to note that cybercriminals often guess similar passwords in credential-stuffing attacks. For example, if the compromised password was weakpassword8, they may try weakpassword9. Choosing a password that you change slightly for every account is not an effective way to prevent hacking, even if it’s a long, complex password.
There are a variety of MFA options, including generating codes on an authentication app, getting a code by SMS text or answering security questions. Usually, accounts will give you the option to require MFA only if you are logging in on a device that is not your personal, primary device.
Data breaches are common, so it’s easy for one of your passwords to become compromised. However, if you have MFA enabled then it will be much more difficult for a cybercriminal with your stolen password to access your account.
4. Store and share your passwords securely
Going through the trouble of creating long, complex passwords for your accounts will not protect you if you don’t store them securely.
The days of keeping all your passwords in your phone notes and sending them to others via text are over. Documents, texts, email and other common locations to keep passwords are easily compromised by cybercriminals.
Technology has solved the problem of storing passwords securely with password managers. A master password is the only password you need to remember to access all of your passwords.
How to store your master password
You should memorize your master password and not share it with anyone. If you absolutely must write it down somewhere, write it on a physical piece of paper and hide it in a safe or other highly secure location.
How to securely share passwords
Password managers will also make it easy to securely share your passwords – for example, if you want to share a Hulu password with your family, your password manager will be able to share it while keeping it safely encrypted.
A password manager like Keeper Password Manager simplifies password management while offering the highest level of security for all of your accounts. Password managers can:
Generate strong, unique passwords
Store passwords with the best encryption
Automatically fill in your credentials when you log in
Store 2FA codes so you don’t have to wrangle multiple devices while logging into an account
Securely store other types of information, like confidential files and ID photos
Scan the dark web for compromised passwords and alert you to change the affected credentials
Why Poor Password Management Puts You at Risk
Passwords are what stand between cybercriminals and your valuable, confidential data. Reusing passwords, using weak passwords and other bad habits will make it easy for a cybercriminal to hack you once you become a target.
If cybercriminals access your data, it could result in theft of money from your bank account, account takeover and even severe identity theft. These types of incidents are time-consuming and expensive to recover from.
Keep Your Accounts Protected
Using strategies for choosing strong passwords and storing them securely will keep your accounts protected. Keeper Password Manager is the simplest way to streamline your account security. Start a free 30-day trial today to see how we can protect your digital life.
Aranza Trevino is the Sr. SEO Content Specialist at Keeper Security. She is an experienced cybersecurity trend and data analyst who continues to gain industry knowledge to educate readers through her blog efforts. Aranza’s blogs aim to help the public and businesses better understand the importance of password management, password security and staying protected against cyber threats. Aranza has a B.S. in digital marketing from DePaul University.
Get the latest cybersecurity news and updates sent straight to your inbox
Share this blog
You May Also Like
Passkey vs Password: What’s the Difference?
There are several ways in which passkeys are different from passwords in terms of how they are created, how they are filled into websites and how they are secured. Passwords are user-generated whereas passkeys are automatically...