First things first, we are NOT asking you to change all your passwords on a regular basis and just for the sake of doing so. Studies and experience show that this alone does not necessarily lead to better security – perhaps quite the opposite. Here’s what you can do instead.
Get a password manager.
Password managers are a great and inexpensive way of enhancing your account security. These ‘password vaults’ make the job of generating a strong and unique password for each of your online accounts a breeze, thus helping you avoid some of the most common password mistakes – using eminently hackable passwords and recycling your passwords across multiple online accounts.
With a password manager, you only need to remember a single, master password (and so you’d better make sure it’s a very robust one)! To make it easier to remember without compromising the password’s security, don’t use abbreviations or single words. Instead, opt for passphrases and even entire sentences, complete with various punctuation marks, special characters, block capitals and spaces.
That way, chances are good you’ll produce a passphrase of so many characters that the task of guessing your password will be an impossible one. Ideally, the passphrase shouldn’t be related to the login process itself, however – “I’m logging into the password manager!” doesn’t make for a great master password.
Audit your passwords.
If any your passwords – especially those that “secure” your valuable online accounts – match or are eerily like the world’s most common passwords, it’s time to get down to work. The easiest fix involves letting your password manager generate unique and impossibly-to-remember passwords for all your online accounts.
Now, why should each password be unique? It’s because if a password is stolen or leaked, criminals often try the same username/password combination to break into the person’s other accounts. They may also use the “forgotten password” option to gain access to your valuable online accounts.
If possible, turn on notifications about all login changes and that you must confirm a password change via a second email address at another provider or a push message on your smartphone. Avoid sharing your passwords with other people as they could put your private data at risk, even if unwittingly.
Large-scale data breaches have left millions of passwords exposed and available on the Dark Web, often cross-referenced with account usernames. Centralizing password management helps reduce the use of known passwords and enforces good overall password hygiene.
Keeper Security gives staff individual password vaults that can be shared with, or even transferred to, other users when needed. Additional features include secure password generator, Dark Web scanning that alerts when a stored password shows up in breached password lists, integration with browsers for login autofill, mobile apps for iOS and Android, free personal accounts for users and their families, and more.