Five Sure Ways to Keep Your Passwords Safe From Attackers

With more and more people moving online, there are hundreds and thousands of passwords created, used, and deleted in the web every day. But how would you ensure that your password is just yours? What most people don’t realize is that it’s easy to lose a password and easier to reset it. But when you have a single password for a bunch of sites, and someone steals your password, you run the risk of losing all your sensitive data. That’s why you need to be wary of your password choices and how you protect them. Here are five expert tips to help you keep your passwords a little closer and your data a little safer.

Beware of unsafe websites.

No matter who sends you an unknown link via email or a message on your phone, take a moment to think about it. There are plenty of unencrypted websites that trick you into entering your password and then steal away your information. To remedy that, just look at the URL and find the lock icon. Don’t enter your password into sites that don’t have a lock icon.

Phishing is yet another way hackers get into your data. But thanks to modern web browsers, whenever you’re trying to load a phishing site, your browser will warn you with a full-screen message. Watch out for it.

Go random.

The best way to make sure that no one guesses your passwords is to make them as random as possible. Attackers usually either use a database to find common passwords or they just guess. So go ahead and make your passwords as long as you like them. The weirder your password, the stronger your information.

But sometimes, hackers steal passwords for major sites — like the recent Yahoo attack. In that case, you’ll have to change your password for that site. Which is fine, unless you’re using the same password for plenty more sites. Then you’re just opening up all your online accounts to attackers. Make sure that you vary your passwords.

Lie to security questions.

Most websites nowadays have a second layer of password protection. In case you forget your password, you need to answer a few security questions to get back into your account. This is a great idea, except that most “security” questions aren’t that secure. They are mostly based on your life’s incidents that many people know about.

That’s why you should just lie. These websites don’t verify the authenticity of your answers to security questions. They don’t care if you called your first pet $$6373528. So go on, make your security questions as random and as long as your passwords.

Try a password manager.

This one’s a rocky road. Sure, it’s sensible to store all your passwords in one place, protected by a master password. But what of you lose your master password? Here’s the thing, though: Password managers like LastPass encrypt your master passwords. That means that your master password isn’t stored on any server. Instead, it’s encrypted on your computer. So an attacker looking to get your master password will need your computer in the first place. Either way, your passwords will be safer when you’re using a password manager than when you’re not.

Consider the 2nd factor.

If you’ve been using the internet for a while, you would’ve noticed that plenty of sites now offer an extra layer of protection for your account. This is called two-factor authentication or TFA. This usually ties your account with your mobile number so that everytime you log into your account, you’ll need to verify with a security code sent to your mobile. With TFA, even if attackers have your password, they can’t log into your account unless they have your mobile, as well.

There you have it: five simple, yet effective tips to keep your online accounts free from attacks. Thanks for the advice, Mozilla Blog.