How to deal with passwords

How to know if a website is secured.

To find out if you are on a secure website, look in your browser on the top at the address bar, if the website is secure you must see a padlock 🔒 (usually in the beginning of the URL or in some cases you can have it at the end) if you can’t find it make sure that the URL starts with https (the s refers to “secured”), for unsecured websites, you will find either 🌐 or 📄 or ⚠️. In some websites, you can have a mix, some pages are secured while others are not, do not panic! You just need to make sure that it is a secure page when you have to enter sensitive information.

Examples:

• A website for a given university contains university presentation pages, descriptions of specialties, future events … and which are not necessarily secured, on the other hand pages such as student authentication, teachers authentication, pages of online courses must be secured.
• An e-commerce website where pages presenting products are not secured but pages that allow you to pay and enter informations from your credit card are secured.

To access your account via any platform, you must enter your username and password. In fact this password is the only way to protect your data.

“What to enter as password this time 🤔, ok so that I remember it I’m just going for “hello” or “000” or “<my name><year of birth>” I imagine we’ve all been there! No 👀

Signing up with such a password is super bad, it’s like you’re doing that to yourself literally:

The reason for that is because you will make it easier for someone who wants to hack you, he will only combine your name with your date of birth, if this doesn’t work, he will try again and start testing all combinations of 4 letters that can exist and in that case, he’ll definitely be able to find it.

Now imagine after he got your password, he tries to enter it in other platforms and that haphazardly you put the same password everywhere 🤔

Okay, without too much delay, your password should look something like this:

Q@h013!92–067v=yL

how beautiful is this 🥺 we only see it in the movies! No! And to generate such a password, here are some rules to follow:

1. Your password must contain AT LEAST 12 characters.

2. Your password must contain a mixture of characters: upper case letters, lower case letters, numbers and special characters.

3. Your password should not contain familiar information such as your name, first name, date of birth, your hobby, the name of your cat, the name of your best friend … etc.

4. The most commonplace your password is the most effective it is.

To build a strong password, 2 methods are suggested :

1. Start putting letters at random, uppercase and lowercase, then place numbers between these letters, finally add some symbols at the beginning, at the end, wherever you want.

2. Put a sentence (the cat eats the mouse) Then mix the order of words (cat mouse the eats the), add numbers (cat4 mo0use the 55 eats th4e), add some special characters (c&at4 @mo0use / the 55 eats th4e/).

You can go further and test the robustness of your password using services that allow it.

Okay now I have come to generate a very robust password and this is satisfying but how can I remember it as well as other passwords? Well, you can use either password handlers who behave like strongboxes or customize a notebook where you put your passwords.

In the end, do not forget to change your passwords regularly, use particularly strong passwords for your email addresses (cause imagine if someone was able to access your mailbox, they will just press the “forgotten password” option wherever you use this email address and they’ll then receive the resetting codes of your passwords), and always use two-factor authentication.

Until the next article, stay safe!