Chances are if you’re reading this blog, you’re pretty aware that passwords are often the key to much of our most confidential information. But with so much of our lives played out online, it’s likely there are still a few weaknesses in your security repertoire. Meaning that, right now, your own password security is probably nowhere near as locked down as it should be. And chances are it’s one of – or perhaps even all of – the following five holes leaving you compromised…
- Your passwords are not alphanumeric AND random
It takes a computer less than a second to hack a password that’s based on real words or phrases, even if you add in upper and lower cases and numbers. Best password practice is to create ones that are alphanumeric and entirely random. Not even so-called “keychain” systems are infallible, as anyone using your computer or logged into the same session will have access to those websites you have stored passwords for.
- You’re using the same password for several websites
Think about every time you have created a new online account. You likely had to provide login details for each one – including a user name, email address and undoubtedly a password. Many of you probably use the same password as the one you used before right? At least then you won’t forget it!
While convenient, this method comes with some serious risks. Think of it this way. With each new account comes another door to your personal information. And if all of those doors are locked using the same key, however strong, someone looking to access your information only has to crack that one, often simple code. Then they could potentially have access to much of your online information. Mixing it up by using different passwords everywhere makes it considerably more difficult to hack a portfolio of information.
- Your inbox is a goldmine for hackers
Otherwise, you are known as an “online hoarder”. You would likely be amazed how many accounts you’ve signed up to over the years using your email address. Not only will this clutter make it difficult for you to find the information you really care about, it’s also a huge security risk if your passwords are not up to scratch. Using services like Unroll.me allow you to quickly identify unwanted subscriptions and mass-unsubscribe you from dormant and redundant accounts. Paired with our new tool Dashlane Inbox Scan, you can make sure your inbox is not only hassle-free but also safe from hackers, as Inbox Scan will identify any account passwords and private data lying exposed in your inbox, so you can easily remove them and eliminate any security risks from your inbox.
- You are using weak or no encryption
Storing your passwords in a safe and secure way is incredibly important. This means using high-level encryption. The industry standard is AES-256 (the AES bit stands for Advanced Encryption Standard), which was first publicly accessible and open cipher approved by the National Security Agency (NSA) to protect information at a “Top Secret” level.
To find out more about AES-256 encryption take a look at our own handy “Dashlane Explains” post for military grade encryption, which spells out the technology in simple terms.
- You’re insecurely sharing work passwords
Texting or emailing a colleague for the password to a work account is a bad idea, and one of the easiest ways to compromise your company’s security. Don’t be that person. If sharing is a necessity, ensure the system you use allows you to securely manage and share access to team passwords, and if anyone changes a password, the system should also sync that new login information across both the team and any devices they’re using.