You might think there’s only one day you need to reflect and revisit your passwords on, but the reality is password security goes deeper, and should be thought of more often.
World Password Day is every year, and it provides a day that everyone can look at passwords and be reminded of the hygiene that’s needed to keep good passwords.
After all, your password is one of your main protections online, and so keeping it in the best condition possible is one of the best things you can do for it.
There are many people doing passwords wrong, and there are unlucky individuals who have had their password leaked. It’s possible you fit in one category or even both, making it necessary to check your password hygiene whenever you can, because there are obviously good ways to use passwords, and then there are bad ways.
In fact security company SailPoint found that four in five employees made an error when it came to password security across services and accounts, reusing passwords, something it found in its 2018 Market Pulse Survey.
One of the big issues for passwords is individuality: if a password is leaked, its ability to protect becomes compromised for more than one service.
However individual passwords aren’t the only protection measure we need, as Sophos points out, highlighting weak passwords as a problem.
Sophos’ Ben Verschaeren, Global Solution Engineer at the security company, suggests avoiding using personal information, animals, sports teams, nicknames, business names, family members, and collections of related words.
And interestingly, he says to not to trust password quality metres.
“Password strength meters have become a common adornment for websites and apps that require you to choose a password,” he said.
“Unfortunately, many of them flatter to deceive with vague wording, fancy graphics and arbitrary rules that look important but might actually make your password weaker. Some have been known to send passwords unencrypted across the internet, store them in unknown Google spreadsheets and accidentally leak them to 3rd party marketing companies.”
Instead, you may want to come up with a solid password for yourself, and one that no one else can guess. You’re best bet is to make it unique by using numbers and special characters, and to keep it to yourself.
Sharing is another thing Verschaeren advises against, something you’d think would be common sense, but might not be.
“A recent survey by the purveyors of password management software, LastPass, found that 95% of us share up to six of our passwords with each other,” he said.
“If you share a password, you lose control of it because you don’t know who else the person you shared your password with shared it with, who they emailed it to or where they wrote it down.”
Ultimately, if you suspect you might have done that, or upon reflection of your passwords have suddenly realised they’re not as strong as they could be, you may want to change it.