We are often witnesses to data leaks which, on many occasions, even include passwords to access our email accounts, access to social networks or accounts in applications and websites. If on top of that we take into account that we can be careless or leave our password on a tray if it turns out to be predictable, we are faced with a major problem.
Now there are ways to protect ourselves and strengthen our passwords, so that not even a data leak can jeopardize our accounts and, in the same way, we make it impossible for anyone to guess. In this post we will give you a series of tips to keep in mind for this.
Start by establishing security on your mobile
Beyond passwords that you use in web and application registrations, it is convenient that you have all your mobile password protected. Although, yes, is not incompatible with having a biometric sensor configured, such as a fingerprint or face. However, even with this security system configured, you will need a password.
It is best that, within a reasonable limit, this be an alphanumeric password of at least 6 characters. In the event that your mobile does not support this type of security code or it is excessively inconvenient for you, it is advisable that you use a numerical pin of at least 6 figures, ignoring the classic 4 digits that are normally suggested as standard.
Check eventually if your accounts have been leaked
Knowing if your email account has appeared on a list of leaks is not always easy. In fact, many times you won’t even know it. However, there tools like Google Keychain or iCloud Keychain They often let you know when they become aware of it.
However, there is one website that is responsible for tracking information over the network to determine whether or not your account has been leaked. It’s called “have i been pwned?” and, as we have already told you on other occasions, simply access its website, write your email account or phone number in its search box and press pwn? so that the search begins and you know if your data has been filtered or not.
Search in ”;–have i been pwned?’ and its two possible outcomes
How is the perfect password (length and characters)
Already entering logs on websites and apps, the password you choose should be as long and varied as you can. In fact, the harder it is for you to remember, the better. And it is that, as we will tell you in other next sections, passwords should not be intuitive or easy to memorize.
Example of a strong password
The most advisable thing is that you resort to random password generators that can throw you a strong key. These usually alternate uppercase with lowercase, also adding numbers and special characters. For example, sj1UH8:9-aW2Wz_&s3P
Now it must be said sometimes there are limits to passwords and adding more than a certain number of characters or adding exclamations and other similar characters are not allowed. In these cases, try to make the password as long and varied as you can, encouraging in this case to change the password frequently (we will talk about this in detail later).
Passwords that are not recommended at all
In line with what has already been said, if the best passwords are those that mix characters and have a long length, it is obvious that anything else decreases security. However, there are a number of typical passwords to avoid at all costs.
The 50 most used passwords of 2021 according to the WP Engine study
There is a WP Engine study detailing the most used passwords around the world. Examples of this are “qwerty” “asdfgh” or “q1w2e3r4t5”, output as simple key combinations based on our keyboard. It is also common to use the name or surname, an intuitive combination of numbers or the telephone number of each one. What they all have in common is that they are easy to use.
Therefore, we again emphasize that the password should not be easy, not even for you. We understand that it is always easier to use a combination of keys that, although strange, is quick for you to remember and type. But if you want to keep a strong password, you should stay away from these types of combinations.
There are also websites to generate passwords
In the same way that there are apps with which you can generate passwords (at the end of this post we review some), there are web pages that are capable of generate secure passwords according to the recommended security parameters. One of them is LastPass, which also has an app and offers a free and customizable password generator.
It is enough to enter its web page, accessible from any web browser (the mobile one works), and configure how we want the password. You can choose its length, if you want it to contain upper and lower case letters, numbers and symbols. Also if it is easy to say and read, options are not recommended to make it safe.
While we are customizing the options, the suggested password will appear at the top of the screen, which is always random and unique for each user. After, can be easily copied pressing the corresponding icon that appears to the right of it or at the bottom, where there is a button that precisely says Copy password.
Changing the password frequently is decisive
Regardless of whether or not you are aware that someone was able to discover your password, there is one key factor in making a data breach ineffective. And that is to change the password often, so that even if they have your password, it is no longer valid.
Normally password managers suggest it sporadically, although there is no set time for it. We recommend that you do this at least once a month and that, on each occasion, the password is different from any previous one and follow the same security patterns that we have been seeing in previous points.
Do not use the same password for two different accounts
In the same way that it is not advisable to put a password that you used previously in an account, neither is it advisable that it be shared by two different accounts. Again here we put safety before comfort and that is that you would make it too easy for cybercriminals.
Keep in mind that if they discover the password of only one account, you will already be giving access to all your accounts in which you have put the same password. Needless to say, even if you register with the same email on different sites, they can always have different passwords, so you will not have a problem.
Always store them in a safe place
Seeing post-its in offices with the username and password of the computer or access to a system is more common than we think. And yes, it is very comfortable, but it is anything but safe. Writing down passwords on paper is never a safe optionsince in the end you are exposing yourself to other people being able to see it.
Even if you always carry that paper with the notes, it is dangerous, since you can lose it and a stranger on the street can take it and keep your account. Similarly, not any notes app will work for this and more if you usually lend your mobile to other people and this app does not have its own password with which to protect the notes.
Have a good password manager
Having a good password manager is essential to fulfill all the above tasks. Apart from allowing you to write down passwords securely and even integrate with your web browsers and operating systems, they are also a good help for other security actions.
Thus, we can find that the majority are capable of scan the network to see if your passwords have been leaked, either manually or automatically to offer you the recommendation to change it. Similarly, these usually include a password generator that meet all safety standards.
Some of them offer free options, although the truth is that the most complete and secure require some type of payment, either on time or by subscription. Then we leave you one list of the most complete and that are available on Android’s Google Play and iOS App Store, as well as on other platforms such as Windows or macOS:
Thus, knowing the requirements that a good password must have, together with the use of a manager such as the ones mentioned above, you can be calm about the security of your accounts. Though for greater security if possible, it is more than advisable to combine these passwords with a two-factor authentication system that wards off cybercriminals by confirming the security of a temporary code or similar.