Password 101 — How to create a more secure password
What do the phrases ‘123456’, ‘picture1’, and ‘password’ have in common?
They all topped 2020’s list of most used passwords. ‘password1’, ‘000000’ and ‘qwerty’ also made the list. Scary stuff. A hacker’s dream to be quite honest.
It may feel like stale old news, but a secure password is nothing to laugh at. It’s one of the easiest steps to take on the journey to cyber security, and one we should already be taking daily.
Struggling to make the transition from ‘iloveyou’ (yes, this also made the most used password list) to ‘Yellow?Trumpet!255’? Let us inspire you!
The basics
Let’s get one thing straight nice and early — the word ‘password’ should never be your password, and neither should your pet’s name. Sorry, Biscuits the cat, but you’re just not cyber safety material.
The baseline for a more secure, self-created password is:
- It should be at least 12 characters long
- Includes both lower and uppercase letters
- Includes numbers
- Includes special characters
- Does NOT include personal info such as date of birth, a pet’s name, your name, or your email address
Change your passwords regularly
If you’ve been riding out your password long enough to ditch the training wheels, it’s time to change it up. Just make sure you level up, and don’t switch from password1 to password2!
Some sites will automatically prompt you to change your password if it’s been lying dormant for too long, but it’s a good idea to switch up your important accounts (banking, emails, social media) on the reg. If you’re with Belong, you can reset your password online at any time.
Use different passwords
It may seem like a harmless faux pas, but using the same password across multiple sites is risky business indeed.
Data breaches across consumer websites are becoming increasingly common. If your info gets snatched from say, a social media site, and you also use the same password on your online banking app, and a few online shopping sites, all of these become free reign by using that same measly password.
Don’t risk it up — mix it up!
HOT TIP: There are apps and software that can actually alert you when your passwords have been part of a data breach. Google’s Password Manager can give you a heads up if it detects your details have been leaked, and Apple offers this feature in iOS 14 and later.
Get creative and use a passphrase
The next step towards password domination is to actually use more than just a word. Enter: the passphrase.
A passphrase is a sentence-like sequence of words. For example, “2-Green flowers-need soil!”.
Just like a password shouldn’t include easily sourced personal info, neither should your passphrase. Keep it nice and random (that could make a nice passphrase, perhaps?). You can even use generators to randomly string together a few words.
Some of my favourites include:
- ‘Don’t-copy-your-passphrase-from-the-internet!’
- ‘I’m-serious-it-isn’t-safe’
- ‘Please-make-your-passphrase-random.’
Use a password manager
All this creativity can make passwords hard to remember. This is a good thing, because it means it’s harder for hackers to run wild with your details. But it can also be a bit of a challenge.
This is where a reputable password manager comes in. This nifty software can manage and save your passwords automatically. They can even generate super random and unique passwords that will put ‘qwerty’ to shame.
For maximum satisfaction, you can enter all your passwords into the manager in one fell swoop! You can also add them in each time you login to an account. Bonus points because it’ll also provide a nifty little assessment of the strength of your current passwords (spoiler: ‘password’ earns 0 stars).
HOT TIP: Make sure you pick a super-duper strong master password for your vault. You can also use a passphrase to help make it more memorable as a human, but long enough that it’s super hard to crack for a computer using brute force guessing methods.
Use 2 factor-authentication
Even the strongest password is no match for 2-factor authentication (2FA).
2FA basically means that there’s an extra piece to the puzzle when you’re logging in online. Generally, this looks like your username, password, plus a once-off authentication code that, once set up, is sent you to via text message, email, through a specific authenticator app, or even via a voice message.
It’s an extra padlock for your online accounts.
Conclusion
Take this password resetting experience as a chance to be creative, and really flex your cyber security skills. If this year’s most used passwords don’t have more flair than ‘111111’ (yep, another one that made 2020’s list), then you’ll be hearing from me.
Don’t forget to use a secure password when you’re signing up for a plan with Belong.
These handy apps, tools, and sites are not endorsed or provided by Belong. The social crew have handpicked these as their favourites, and are only suggested ideas. So please use them at your own risk — we encourage you to take sensible precautions if you do so.
iOS is a trademark or registered trademark of Cisco in the U.S. and other countries and is used under license. Belong Blog is an independent publication and has not been authorised, sponsored, or otherwise approved by Apple Inc.
