Password Security: Tools and Tips For Small Businesses
Tips and Tools for Password Security
Whether it’s your email, your website, or your Facebook account, there’s no way you want a hacker to gain access. Yet though this is true, we find ourselves so easily forgetting our passwords and usernames that we’re willing to make common mistakes that leave us vulnerable in order to remember our logins. In this article, we’re going to expose some of those username and password blunders, discuss how to create a healthy password, and of course, share with you some tools that will help you create secure passwords and provide you a safe place to store them.
Login Blunders that Make You Vulnerable to Hackers
- Using ‘admin’ as the username when creating login info for your website. If I were a hacker, that’s probably one of the first usernames I would try. If I get that right, I have 50% of your login information.
- Using a very obvious password that corresponds directly to your website. For example, if your site has something to do with cooking tips, it goes without saying that ‘cookingtips123’ will be an easily guessed password.
- Using your name, the name of your spouse, the names of your kids, or the name of your family pet. Between social media accounts, different kinds of directories, etc., it does not take much research to find out this information about you.
- Using your birthday or year, or any obvious numbers linked to you or your family. Again, this is not hard information to find about someone, especially if the person wanting to hack your account or website knows you.
- Capitalizing your password in obvious places…like the beginning. Adding a capital letter or 2 is a great way to make your password more secure. But adding them in an obvious place nearly defeats the purpose.
- Using the same password across a number of different accounts. We’ve probably all done this, even knowing it’s a bad idea. Need we be reminded that the hacker who gets into that one account suddenly has access to even more than he originally worked for? Let’s not help the villain out here.
- Remaining logged in to your accounts. This is bad enough when your prankster friend decides to post something for you on social media. You never know who may get a hold of your device or use it after you.
- Sending your passwords via email or other messaging platforms. In most cases, sharing your password is inadvisable to begin with. However, there are times when this is necessary: for example, sharing your business social media account passwords with your trusted SEO company, reminding your husband of a shared password, etc. If I were a hacker and managed to get into your email, I would immediately search all your emails for the word ‘password’ or for ‘pw.’
- Keeping your passwords in a word doc or other text file or saving them to your browser. This makes all your passwords easy to steal or destroy.
Tips for Creating a Password
In this portion, we’ll hit on a few things we’ve already hinted towards in the password blunders section plus a few extra tips.
- Make it random, unrelated to the site you are logging into.
- Include upper and lower case letters, numbers, and symbols within your password. Ideally, use more than one symbol.
- Be unpredictable. Place your capitals in random places within your password, not where you would normally but a capitalized letter (like the beginning). Don’t clump all your special characters together but spread them out within the password.
- Make it memorable and easy for you but hard for anyone else to guess. For example, instead of using a full word, get creative with a memorable phrase, but don’t spell it out. Example: for the phrase, “So happy to be alive,” you could come up with something like “s0:)2B@liV3”.
- If possible, don’t allow your website to show an error message that specifies which part of your login was incorrect in a failed attempt (like a message along the lines of, “Incorrect password for username”).
- When you are creating a password for an account, be sure to test your password strength. You can use a tool like this one: https://howsecureismypassword.net/
- Longer passwords are better. If possible, make your password longer than the typical 8-character password. The longer they are, the harder they will be to figure out.
- Don’t use common dictionary words or even misspellings of words. The best practice is to never use a recognizable word. Passwords that look like gibberish are stronger.
- If you are using security questions and answers, make them just as hard to figure out as your password. Again, using information like your spouse’s name will make research easy. The site doesn’t care if you are giving the right answer to the question as you’re creating it. Just give an answer that is random and cannot be found anywhere online.
- Always be aware of your surroundings when entering a password or creating one. Make sure no one is watching your keyboard or screen.
Tools for Managing Your Passwords
If you’ve been feeling more and more overwhelmed as you read the lists of login blunders as well as the tips for great passwords, we’re right with you. Now you’ll really appreciate this good news.
There are great tools out there that can help you keep track of all your passwords in a secure place and help you generate secure passwords for new accounts. We’ll share a few of these tools here with you. You don’t want to select just any password manager. After all, it’s password security we are talking about. Here are 3 tested and approved secure password managers that we recommend.
- LastPass is an excellent password-managing tool that allows you to store an unlimited number of passwords, safely share passwords should the need arise, generate new and secure passwords, and auto-fill online forms. When using a tool like this, you really only need to remember one password…the secure one that allows you to access all your other saved passwords. LastPass has a number of different plan options. You can get a personal plan for free; the personal premium version is just $1/month. The highest price you will pay for LassPass is the Enterprise version for just $4 per user/month. Tip: When using a tool like this, make sure to log out every time you leave your device so that your password store isn’t accessible to anyone else.
- Sticky Password is another excellent and secure password management software. Sticky Password manages your passwords and personal data, auto-fills your online forms, generates strong passwords, and even stores credit card numbers for a speedy checkout. They have a free version of the software as well as a premium for $29.99 for one year.
- Dashlane is another tool very much like the previous two. You can use it to manage and store passwords, automatically fill forms online, generate passwords, change your passwords, and it can be used as your digital wallet. Dashlane provides you instant security alerts if your account is at risk. With this password manager, you can get their free version or their premium at $3.33/month.
Bonus Tool Suggestion:
We have one last tool to suggest if you ever absolutely need to share a password.
Quick Forget is a tool that allows you to share a password or other types of sensitive information with someone. You can choose how many views your message has before it’s forgotten or how many hours it’s available before the information is no longer accessible.
All you need to do is enter your secret in the message box, select when you want the message to expire, and then email the link. Don’t include anything like, “Here’s the link to my password/PW” in your email.