A Web.com Partner

We’ve Been Doing Passwords Wrong

Today, we might just change your life. Why not.

Ever found yourself staring blankly at a login screen, wondering what on earth you set the password to when you last signed in 6 months ago? Or perhaps, you’ve committed the ultimate sin of writing your passwords down in a text document on your computer, or on little shreds of paper scattered across your desk, inching ever slower towards their ultimate fate of falling off the edge and being consumed by your vacuum?

At some point, most of us have been there, but in 2017, there is absolutely no need to put yourself through that chaotic torture anymore.

We’re about to divulge two tips that can not only vastly improve the security of your online accounts, but also stop you from losing a password (or even having to type one in) ever again.

Tip 1: How to Generate and Store Passwords Securely

There are some passwords we simply must memorise, like the one to log in to our computers (keep reading on as tip 2 below will definitely help to make those passwords more secure and easier to remember).

But there are also a lot of passwords we don’t really need to know by heart. For example, passwords for accounts that you log into only on rare occasions, or accounts that you remain automatically logged in to on your computer or phone for months at a time. You probably have many of these passwords for all different internet accounts you keep… think eBay, Facebook, cPanel, Telstra, Medicare, Twitter, Frequent Flyer, PayPal, Uber and so on.

There’s really no need to try to memorise passwords for these accounts you log into so rarely, but it’s also very dangerous to simply use the same password for all of them, or write them down in random, insecure places.

For these accounts, there’s no easier or better way to keep your passwords under control than using Password Management software. There are many Password Managers on the market today, and some of the leading options are entirely free to use, so there really is no excuse not to take advantage.

One of the most popular options is LastPass, which has a very good free plan. After you download LastPass, it will show up as a little icon next to the address bar in your internet browser. Whenever you log into a website, it will offer to securely store your login details for you, which it then uses to log you in automatically the next time you go to do so – no need to remember that password anymore.

One of the best features that it includes is a strong password generator, so the next time you are creating a new account, or just updating your password on an existing account, it can help you by generating a long, strong password that it then stores for you – no need to memorise or write anything down. You can then rest assured that you have strong and unique passwords in place, that you can’t lose or forget, for all of your accounts.

The reason it is extremely important to use a unique, strong password for every single account you have, is because it only takes one of the companies you have an account with to be hacked for your password to become compromised. This potential occurrence is completely out of your control, and could mean that suddenly, someone has full access to your website, banking, email, health care, utilities – anything you use that same password for.

Tip 2: How to Choose A Secure Password When You Have To Memorise It

Some passwords have to be memorised, like the one for logging into your computer, or the master password for accessing your Password Manager.

We’ve been trained by password strength indicators for a long time to believe that adding a number or a symbol to the beginning or end of a password makes it more secure. The problem is, this is exactly the pattern that hackers are expecting you to have chosen. It also makes the password often much harder for the real account owner to remember. Which letter did you switch for a numeral again? Was it the E for a 3 or the A for a 4?

Essentially, we make our passwords easy for computers/hackers to guess, and hard for ourselves to remember. Passwords following this type of pattern can generally be guessed by a computer in about 3 days at 1000 guesses per second.

So how can you choose a strong, easy-to-remember password?

It’s simpler than you think. A great way to make a strong password is to think of 4 common, random words, and string them together, even add dots or dashes in between. Something along the lines of: OffendedGiraffeStolenIcecream

This type of password is pretty much instantly memorable to us humans, but would take a computer over 550 years to guess!

That’s it! Your digital life sorted and secured, and no more password headaches.

Based on a xkcd webcomic.

We've Been Doing Passwords Wrong

Get tips & insights
direct to your inbox.

Sign up to our newsletter to get the most from your website hosting with insider tips, tools and guides plus 10% off your first invoice!

Have more questions
on Hosting?

Simply call us on 1300 MY HOST (694 678) during business hours, or submit a ticket through OnePanel and one of the crew will be in touch!

Get in touch
Top
Chat