You've been doing your passwords all wrong! Fix them with these new tricks
You’ve heard it all when it comes to creating hard-to-guess passwords. Use a mix of upper- and lower-case letters. Be sure to include special characters. Change your passwords every three months. These recommendations have created a messy alphabet soup of passwords for many people, who then get frustrated and constantly have to reset forgotten passwords. But there’s hope for a better way as experts are revising what it takes to have secure passwords.
The U.S. government’s National Institute of Standards and Technology recently issued a new set of password guidelines and it changes some of the advice we used to take for granted. While the guidelines are meant for government agencies, private businesses have adopted the NIST suggestions in the past, so this could be the start of a major sea change in how passwords are handled.
This should come as a relief to people who struggle with managing their passwords and meeting all the esoteric requirements we’ve been told to use. Check out the latest tips for safe passwords:
Use a phrase
Passwords guru Bill Burr used to work for the U.S. government to develop password guidelines. He’s one reason why we all use special characters, mixed cases, and numbers. Now, he’s a proponent of the passphrase, a string of words that you can easily remember, but that will be hard for anyone else to crack. Click here to see why passphrases work more effectively than a random selection of letters.
Go long
The new NIST guidelines suggest allowing users to create passwords up to 64 characters in length with an allowance for spaces between words. While many people just try to meet the bare minimum requirement of using eight characters, you will get a much stronger password by stretching things out.
This means a totally new approach to passwords where you could use your pets’ names from childhood, like “fluffy princess rex spike booboo chewie,” or all the streets on the way to your favorite restaurant, like “academy main washington ohio central.” Easy to remember. Hard to crack.
Click here to see why “ilovefreshsashimituna” is a great password.
Don’t change your password unless you have to
The old advice of changing your password at least every three months is now out the window. NIST’s Paul Grassi told the Institute of Electrical and Electronics Engineers, “Expiration isn’t a motivator to create a brand new password, it’s motivation to shift one character so you can remember the password.”
If you’ve created a strong password, then don’t worry about changing it out all the time. Just stick with it unless you’ve been notified of a security breach that requires a password reset.
Choose something memorable for you
The NIST calls passwords “memorized secrets.” The memorized part is important. You want to avoid the temptation to write down passwords, so pick a password that has enough meaning to you to stay in your mind. This is when phrases can work very well.
It may take websites time to catch up to the latest NIST guidelines, but you can still create a memorable password that meets current restrictions. Go back to Burr’s advice on passphrases. You might choose something like “ArizonaCardinalsfootballisnumber1!” or “Igivemyjob100%everyday.” Those meet the requirements of having at least eight characters, a special character, and upper and lowercase letters.
Click here for an easy way to create easy to remember yet super-tough passwords.
Create passwords for categories of sites
Everyone has heard the advice to use a different password for every site, but few people follow it because it’s so difficult to remember a million completely different passwords. Grassi offers up a modified version of this, by recommending different passwords for different categories of sites.
For example, you would use one password for banking and credit card sites, a different password for online retailers, and still another password for your social media accounts. That way you can keep the number of passwords down to a reasonable amount. If a password is compromised, then you only have to change out the passwords for similar accounts.
This shift in password strategy is good news for everyone except cybercriminals. Long, easy-to-remember unique phrases can take the frustration out of managing your passwords. Your accounts will be more secure and you’ll spend less time fiddling with resets. It will also be harder for someone to crack your accounts.
The new NIST guidelines should trickle into the wider world outside the government, so we can look forward to password requirements being both secure and sensical. In the meantime, you can go ahead and implement passphrases and categories and stop worrying about constantly coming up with new passwords.
More from Komando.com
How to share Wi-Fi without giving out your password
AT&T router flaws put millions at risk
Attention AT&T customers, critical router flaws have been discovered that may be putting you at risk. One of the flaws is reported to be affecting millions of people and immediate action is suggested. I’ll tell you about the dangers of what these vulnerabilities are and ways to fix them.
Best sites to know how much your home is worth
If you’re thinking about selling your home, or just want to know how much it’s worth, these real estate sites can help.
Six tech hacks you'll wish you knew before now
Life hacks are addictive. Maybe you fixed a running toilet with a paperclip, or turned a ruddy old door into a makeshift coffee table. You looked at your invention with pride, because you jury-rigged something together that worked. There are many “tech hacks” that offer simple solutions to everyday digital setbacks. Here’s a list of some of my favorites.
6 ways to speed up slow Wi-Fi
There are plenty of reasons your Wi-Fi acts up. Personal devices have started to stretch available bandwidth, and each smartphone, tablet, television, desktop, gaming console, smart appliance, and laptop is competing for the same signal. Whatever your Wi-Fi hiccups, here are surefire ways to speed things up.
How to get Amazon Alexa on the cheap
When Amazon first launched its Alexa voice assistant in 2014, you had one option for bringing it into your home: the now-classic cylindrical Echo speaker. Since then, Amazon has introduced a slew of new options. But what’s the cheapest one? Before you buy, read these tips where I show you how to get Alexa at a lower cost.
Do airlines track you online to increase their rates?
Booking your flight online? You might have noticed that the cost of your ticket is going up. If you don’t book right away, the price may increase by hundreds of dollars. This is caused by internet tracking. Luckily, I know a secret to help you find the lowest price every time you look.
Powerful Wi-Fi network analysis and diagnostic tools
I can’t stress how important it is to stay on top of your home’s Wi-Fi connection. If it’s not secure, thieves can use it to walk right in your digital front door and steal your information. Turning on encryption on your router is a good start, but you can also download two of the best Wi-Fi analyzer apps out there.
Why you should NEVER throw away or post pictures of your airline boarding pass
Have you made this mistake when you travel? Identity thieves can do more with details from your boarding pass than you realize. You’ll be shocked when you find out just how far they can go, and the level of access you give them to your private records.
Are "low" airline fares actually still a ripoff?
Think you’re getting a great deal on your tickets from the airline for your next trip? Think again. Even with those discounted prices, you can still get ripped off. Here’s the truth about airlines’ low rates, and tips on better ways to book your next flight.
Amazon Prime Day phishing scam spreading now!
Amazon Prime Day was a huge hit, and that’s what scammers are counting on. A new phishing scheme is spreading now, making claims about orders you’ve placed on Amazon. But it’s a trick! I received this dangerous email myself, but luckily I know what to look for. Will you know how to spot this fake email when it shows up in your inbox?
Watch out! Phone repair shops can install secret key logging SCREENS
Who hasn’t experienced a cracked phone screen on at least a few different occasions? All it takes is a small fall that lands at just the right angle, and your device could be ruined. But what exactly is that third-party repair vendor installing. You won’t believe how easy it is for these vendors to install keyloggers that watch your every move.
Use this website to delete yourself from the internet
Everything you do online is being tracked, but I know a way to delete that data so you won’t have to worry about it falling into the wrong hands. Get rid of your old, unused accounts by following these quick and easy steps.
Why it doesn't always pay to book a hotel directly (and what to do instead)
When booking a hotel, there are several factors to look for. Amenities and location are essential, but the price is most important when it all boils down to it. So are you really saving money by booking through the hotel directly? I’ve got some revealing data you have to see before you plan your next vacation.
How to spot disguised malicious files before they infect your computer
Imagine that you get an email from an acquaintance with an attachment so you download it and try to open it. Nothing happens except your computer is now infected with a nasty bug. Don’t let this happen to you.
How to tell if an app is safe to download
Fake apps are everywhere. That’s why you should be careful when looking for new programs on the App Store or Google Play Store. Before you hit install, use this guide to see if that app is safe to download.
To combat these emerging threats, all smartphone users must verify the safety and legitimacy of any apps before downloading them.
Phishing emails tricking people into falling for tech support scams
Tech support scammers have found a whole new way to trick you. It’s a tactic many other scammers use, and it targets your inbox. These emails appear to be from legitimate sources, but if you click on them you could wind up paying out of your own pocket.
Turn this Windows service OFF right now! It leaves you vulnerable to attacks
There’s a service running on your Windows PC that you’re probably not even aware of. It helps you share files with other people, but it’s also a prime target for hackers. If you don’t change this setting right now, you’re leaving the door wide open for a cyberattack that could destroy your entire system.
One mistake people make using public Wi-Fi that lets everyone see their files
Are you always on the hunt for open public hotspots to save on data costs? While these publicly accessible Wi-Fi networks can be lifesavers when you’re in a pinch, they do come with their own share of huge privacy and security risks. Do you really want snoopers monitoring what you do on the web?