Most, if not all, online account owners who continue to reuse passwords, many of which have already been exposed to a breach, cite forgetting passwords and wasting time resetting them as justification. Does the end justify the means, though, regarding cybersecurity?
It’s pretty standard for many, or even all, to have a hard time remembering our username-password combination for one account. That challenge gets compounded as the volume of our online accounts grows. But is taking time and effort to ensure password security worth sacrificing, given that thousands of cyber attacks occur per day?
Maintaining Password Security Isn’t That Easy
More often than not, forgetting passwords isn’t a sign of indifference to staying safe online. No one wants to become a data breach victim. Still, many password security best practices can lessen ease of access, which is the primary reason why we opt for online banking, shopping, or any other activity in the first place. According to a recent survey, despite their importance, online banking apps are the most forgotten passwords, followed closely by social media accounts.
But why do we forget passwords anyway? Three of the most-cited reasons for lax password security are:
- Creating complex passwords to secure online accounts better can be tedious.
- Remembering unique passwords for all our accounts can be impossible.
- Biometric logins to access our digital accounts can cause us to forget our manual login details.
Forgetting Passwords Can Be a Hassle
It’s common practice for banks to limit the number of attempts to log in to our accounts within a certain period, and for a good reason. So, since no one wants to go to the trouble of getting locked out, most people opt to reset their passwords to get things done.
But did you know that changing an online account password takes an average of three minutes and 46 seconds? For some, that translates to wasting time, pushing them to throw password security out the window in favor of ease of access—a terrible idea given the current digital threat landscape.
How to Maintain Password Security without Sacrificing Ease of Access
We get it. No one wants to waste time resetting passwords. But we don’t also want to suffer the dire consequences of account hacking. So, we listed five ways to help you stay safe rather than be very sorry.
1. Use Different Passwords for Each Online Account
The cardinal rule in maintaining password security is to never reuse passwords, especially for more than one account. If cyber attackers successfully breach one of your online accounts, then all your other accounts using the same username-password combo are automatically at significant risk.
2. Enjoy the Benefits Technology Has to Offer
No password is perfect. That’s why banks and other institutions require accounts to employ multifactor authentication (MFA). More often than not, the additional factor is a token or a mobile phone app that customers use to confirm they’re the ones trying to log in.
3. Get the Right Mix of Length and Complexity
Experts say the longer a password is, the better. The magic number? Create passwords that are at least 16 characters long. Some say complexity isn’t as important as length, but that doesn’t mean it’s not required. Mixing upper- and lowercase letters, numbers, and special characters is the answer.
4. Opt for Passphrases If Randomly Generated Passwords Just Don’t Cut It
Using password generators is the easiest way to create long, complex passwords. But let’s face it. Not all online account holders are techies. Add to that the fact that something like c0ajqOwXoKVVfoqM (a randomly generated password) is a lot harder to remember than !AmS43rl0ck3d (a very strong alphanumeric version of the passphrase “I am Sherlocked”).
5. If Your Memory Can’t Cut It
Password management tools or password vaults can help you keep track of your passwords. Apart from securely storing and backing up your passwords, these solutions also synchronize them across your devices. There are tons of password management tools to choose from. Some even come built into other solutions like virtual private networks (VPN).
Sure, securing your online accounts through adequate password security can be challenging and time-consuming. But if the alternative is losing your hard-earned money to cybercriminals and fraudsters or, worse, getting your identity stolen, then taking time to follow the best practices we cited above would be your best bet.