6 Password Mistakes That Leave You Exposed
No one wants to remember 37 unique passwords for 37 different accounts. That’s why two thirds of Americans reuse the same code across multiple sites, finds a new survey commissioned by the digital security and password manager site LastPass.com. But what seems convenient can backfire big time, says Michael Kaiser, executive director of the non-profit National Cyber Security Alliance.
“If you’re not using distinct passwords for your key accounts—banking, email, and social networks—a cyber criminal who gets one of them has access to all of them,” Kaiser says.
Here are five more password mistakes that jeopardize your digital security, and the best ways to always keep your personal data safe.
Your Password Is Common
Every year, the security company SplashData collects passwords from American and European data breaches to see which codes are the most common. For the fifth straight year, “123456” tops the list. (“Qwerty”—the first letters along the top of your keyboard—isn’t far behind.)
Sophisticated cyber criminals have automated hacking programs that try each of these common passwords (and countless small variations) in order to crack into your accounts, Kaiser adds.
So what makes a stronger password?
While a 15-character stream of random letters, numbers, and symbols—with some capitalization thrown in for good measure—is the most secure kind of code, your best bet is creating a random sentence that you’ll actually remember, says Kaiser.
Go with something like “hotdogsaretasty” or “addictedtomyphone.” Add a number or symbol at the end and you’re in great shape, he says.
Your Password Is Predictable
Roughly half of the LastPass survey participants admitted to using a family member’s name or initials in their password. Almost as many said they used birthdays or other significant dates, and 26 percent said they used a pet’s name.
But hackers can easily find your family members’ or pet’s names on your social accounts, says Kaiser. If you’re still rocking “sparky21584,” you’re flirting with danger.
You Store Your Passwords Somewhere On Your Device
Maybe you created a note with all your passwords. Or worse, you emailed them to yourself.
“Anything you put in an email or on your device is vulnerable,” Kaiser says.
It sounds old-school and comically low-tech, but you’re better off writing all your passwords down on a sheet of paper and stashing it somewhere in your house, he says. Cyber criminals don’t usually break into your bedroom.
You Change Your Passwords All the Time
It’s tough enough to keep track of all your passwords when you’re not constantly changing them. And research suggests people who switch their passwords frequently tend to use much weaker passwords, says Kaiser.
“But unless you’ve been notified of a security breach or you think your account has been compromised, there’s really no reason to change your passwords,” he adds.
You’re Not Careful With Security Questions
You could have the most complicated password in the world. But if the answer to your security question is your mother’s maiden name or your high school’s mascot, a committed cyber criminal can probably dig up that information, Kaiser says.
It’ll take a little more creativity, but you should make up fake names or answers to these security questions, he says. Write them down on your sheet of passwords.