Answer these questions:
Question #1: Do you have a physical hand-written write-up of your passwords, and do you keep it where you need them? Worst: in your wallet, in a drawer at your desk, or on some post-it nearby. If you answer with “yes” then your passwords are not safe. Store your passwords in an online vault, you can read up how to install one, here [click here]
Question #2: Do you use the same password across multiple sites? 1 of 3 people do this. If you answer with “yes” then your passwords are not safe. Create a safe password, you can read up how to do this, here [click here]
Question #3: Check out the strength of your current password, using three different password strength checkers. If it takes less than 100,000 years to bruteforce crack your password with a home computer then your password is not safe enough.
If you do not know how to test your password strength, then continue reading.
Online Password Strength Testers
Here are a few online password strength checkers:
Use all of them for testing your passwords.
But do not test your actual, real passwords! They might get stolen when you do so.
How To Do an Online Password Check That is Safe
Never test your real password online. It might get copied while you do so. Test something similar.
Example: your real password is 1happy2birthday3to4you5+.
Then test this password 1I2am3singing4in5the6%.
The test password is 23 characters long, the length of the real password is 24 characters. The pattern is the same, both are lyrics of famous songs wherein the words are separated by numerals. And there is a special character added at the end.
In A Sideline: Know Your Enemy
The above measures “abolish hand-written passwords”, “use unique passwords for each site”, “select a strong password” help only against the two most important safety attack, namely breaches of confidence and dictionary attacks. A breach of confidence is clear, someone steals and misuses your hand-written passwords, possibly on multiple sites. The password strength plays a role because there is software out there that automatically plugs common words into password fields. Password cracking becomes almost effortless with a tool like John the Ripper [click here].
But that is not all. Watch the following are rules for keeping your passwords safe:
- Be sure that no one watches when you enter your password.
- Always log off if you leave your device and anyone is around—it only takes a moment for someone to steal or change the password.
- Avoid entering passwords on computers you don’t control (like computers at an Internet café or library)—they may have malware that steals your passwords.
- Avoid entering passwords when using unsecured Wi-Fi connections (like at the airport or coffee shop)—hackers can intercept your passwords and data over this unsecured connection.
- Don’t tell anyone your password. Your trusted friend now might not be your friend in the future. Keep your passwords safe by keeping them to yourself.
- Depending on the sensitivity of the information being protected, you should change your passwords periodically, and avoid reusing a password for at least one year.
Call to Action
Answer these 3 questions, now:
- Do you have a physical hand-written write-up of your passwords, and do you keep it where you need them?
- Do you use the same password across multiple sites?
- Does it take less than 100,000 years to bruteforce crack your passwords with a home computer?
If you have answered one, two or three questions positively, then this is a signal that you must change an important aspect of your life. You have to improve your online safety.
Install a password vault and use unique safe passwords for each one of your sites.
Check out the above article again.
Martin “Online Safety” Schweiger