Is my password secure?

Passwords can often by the bane of our online lives. Almost every site we interact with asks us to create and remember a unique 8-30 digit password in order to gain access to our information and personal interests. These requests can be irritating and cumbersome, but make no mistake: passwords are fundamental to our online privacy and security. Your passwords are essentially the keys to your online home, without them you cannot access the things that matter most to you and if they fall into the wrong hands, the situation can spiral out of control very quickly. If you value your online security, you should be doing everything within your power to ensure your passwords are strong and secure, and that nobody else has access to them.

In recent weeks, it has been almost impossible to escape the barrage of stories relating to online hacks. Earlier this month, it was reported that hackers posted, what they claimed to be, the email addresses, usernames and passwords of five million Gmail users; potentially leaving them open to identity theft or being locked out of their own private email accounts. Google later confirmed that of the five million logins leaked, only 2% currently worked. At first, this figure seems reassuring, but that is still, a worryingly large, 100,000 accounts that have now been comprised, with the correct login details floating around the web for anybody to see. In light of this potential breach, there truly is no time like the present to ask: Is my password secure?

So, what can I do about it?

It’s very easy to be worried and completely overwhelmed by the constant reports of hacking, but the web is, by and large, a safe and secure outlet and you should continue to use it – just with a degree of security and vigilance. It’s safe to say that we have all become a little too entrenched in the digital landscape to take ourselves out of the picture completely at this point.

Firstly, it is crucial to pick strong passwords that you are not using anywhere else across the web. Ideally, the password should be 8-30 characters long (8 characters should be the absolute bare minimum) and a mixture of upper and lowercase letters, numbers and symbols. Create acronyms, make substitutions and relate memorable moments to your passwords – just ensure they aren’t painstakingly obvious to those on the outside looking in.

You should also:

• Ensure your passwords are unique, private and not easily guessed: In 2014, trying to use ‘password’ or ‘12345678’ as your password is the equivalent of voluntarily helping an intruder in your home – you simply wouldn’t do it. Mix up your passwords and create memorable nuggets of information that mean something to you.
• Don’t share your password with those close to you: With services like Netflix and Spotify continuing to increase in popularity, it may be necessary to share your password with a loved one or friend. However, common sense suggests that if more than one person knows your password, the chances of your accounts being compromised increases.
• You should also remember to change your passwords several times throughout the calendar year. Familiarity and taking a lax approach to your online privacy and security could easily result in loss of sensitive data, or worse.
• We all have credentials for numerous different sites, networks and portals. Once again, it is common sense to assume that if one of your private accounts is compromised and your login details are identical or similar for your other online accounts, they will be susceptible to attack too.
• Rely on pen and paper: Feel free to write your passwords down in a place that is secure and private to you. There are relatively safe password management products available online: 1Password and LastPass in particular require an encrypted master password in order to access your private password vault. These products have garnered particularly strong reviews online and do present a strong alternative to simply writing your passwords down. Ultimately, you should rely on instinct and store your passwords in a manner that is comfortable and sensible for you in the long term.
• Start using two-factor authentication: Almost every major online network worth their grain of salt is now using two-factor authentication. Two-factor authentication is a process in which the user provides two means of identification in order to access their account; one of which is your traditional password and the other is a single or multi-use code that is unique to your account.
• Manage your password recovery options: If you forget your password or become locked out of your account, you will need to gain access again. Many services will send an email to your recovery email address if you need to reset your password, so make sure that your recovery email address is up-to-date and an account that you can still access easily.
• Don’t rely on obvious security answers: Try to make sure your answer is unique, but memorable, so that even if someone guesses the correct answer, they won’t be certain on how it should be entered. Also, ensure the answer is at the very least memorable to you. If you can’t remember it, it may be very difficult, if not impossible, to regain access to the original account.

Passwords are fundamentally our digital passport. Without them, the web would be a dangerous and uneasy place. With them, and with developed privacy knowledge, we can work together to create stronger and safer passwords that will help shape the future of the web. You should only take as much advice from this blog post as you are comfortable with, but remember, as we strap always-connected wearables to our wrists and buy products instantly with a single-click, our privacy and security has never been more important.