The cybersecurity statistics are astonishing:
- In 2015, 2 in 5 people received notice that their personal information had been compromised, an account had been hacked or a password had been stolen.
- So, not surprisingly, 8 out of 10 people are worried about their online security, and 7 out of 10 people no longer trust passwords to protect their online accounts.
- Yet, 68% of people use passwords that are at least 5 years old and on average, people only use 6 unique passwords to guard 24 online accounts.
Do you use the same password across multiple accounts? Have you been the victim of online identity fraud? If you answered yes to either of these, it seems you could use some help protecting your data.
While some experts say you can’t protect your personal data, we believe in doing (y)our utmost to deter those that try. So here are our tips on how to protect your data.
Important password rules everyone should follow
When it comes to passwords, the rules are stringent (compromise on any of the rules below, and you are compromising your data):
- Use a different password for every single account.
- Passwords should be 8-10 characters in length. For highly important accounts, such as your bank account, an even longer password isn’t a bad idea.
- Use numbers, symbols, and upper- and lower-case letters as much as the account’s password rules allow.
- Never use names or number combinations that can be easily guessed (for example addresses, family names, pet names).
- Change your passwords regularly and make sure you update your password manager (we’ll talk about that in a sec) at the same time.
- When you set up an account and it asks for security questions and answers, do not answer truthfully. Your mother’s maiden name provides no security at all, especially when you provide the correct answer to all the online accounts that ask for it. Instead, use a random answer and document it in your password manager (bear with us, you’ll find out what this is in a moment).
- If you need access to your partner’s passwords in an emergency, you may want to store their master password in your password manager (keep reading).
- Never write down your master password. NEVER!!! This is the only password you ever need to remember. So, there is no need to write it down. Got it? Make sure, though, that you change your master password regularly (see the fifth rule above).
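One way to check a list of accounts against the rules above, as an added example that is not part of the original article. The accounts, passwords, personal words and the 365-day age limit are constructed assumptions (the article only says "regularly").

```python
# Added example: audit constructed password entries against the rules listed above.
import string
from collections import defaultdict
from datetime import date

MIN_LENGTH = 8            # lower bound of the 8-10 characters the list asks for
MAX_AGE_DAYS = 365        # assumption: the article only says "regularly"
PERSONAL_WORDS = {"rex", "smith", "elm"}   # constructed pet/family/street names

# (account, password, date last changed) - constructed sample data
VAULT = [
    ("bank",   "T7#qLw9!zRk2", date(2024, 3, 1)),
    ("email",  "Rex2011",      date(2011, 6, 5)),
    ("forum",  "Rex2011",      date(2019, 1, 9)),
    ("photos", "k4$Vn8&pQe",   date(2024, 5, 20)),
]

def audit(vault, today, personal_words=PERSONAL_WORDS):
    """Return {account: [findings]} for every entry that breaks a rule."""
    by_password = defaultdict(list)
    for account, password, _ in vault:
        by_password[password].append(account)
    findings = defaultdict(list)
    for account, password, changed in vault:
        others = [a for a in by_password[password] if a != account]
        if others:  # rule: a different password for every account
            findings[account].append("reused on " + ", ".join(sorted(others)))
        if len(password) < MIN_LENGTH:
            findings[account].append(f"shorter than {MIN_LENGTH} characters")
        classes = {
            "digit": any(c.isdigit() for c in password),
            "symbol": any(c in string.punctuation for c in password),
            "upper case": any(c.isupper() for c in password),
            "lower case": any(c.islower() for c in password),
        }
        missing = [name for name, present in classes.items() if not present]
        if missing:
            findings[account].append("missing " + ", ".join(missing))
        hits = sorted(w for w in personal_words if w in password.lower())
        if hits:  # rule: no easily guessed names
            findings[account].append("contains guessable word: " + ", ".join(hits))
        if (today - changed).days > MAX_AGE_DAYS:
            findings[account].append(f"not changed for over {MAX_AGE_DAYS} days")
    return dict(findings)

if __name__ == "__main__":
    for account, problems in audit(VAULT, date(2024, 6, 1)).items():
        print(account, "->", "; ".join(problems))
```

Run it only on a machine you trust, and never save real passwords into a script file; the sample entries here are made up.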
Why you should get a password manager
We are online on one of our devices at least once a day: to book accommodation or transport, manage our finances, upload photos to social media or maintain our website. To be able to use these online services, we need an online account, requiring us to provide a username/email address and a password.
I have more than 300 active accounts, Sandra has 240. To ensure we use a unique password for each and every account, we store our passwords in our respective password managers: I use eWallet, Sandra uses mSecure.
Both password managers work in a similar way – we just use two different ones as we have different interface preferences:
- Passwords are stored in 256k/bit encrypted format in the password manager application.
- Each password manager syncs the databases to our Dropbox account on a regular basis. Both the sync process and the Dropbox file are also encrypted. This gives us peace of mind if our devices get stolen and a lot more control than password managers that store the data in their own cloud, such as LastPass.
We have both been using our password managers since 2011 and 2012, respectively, and have never had an issue. Knock on wood…
What else can you do to protect your data?
- Never enter your username or password while using unencrypted or non-VPN Wi-Fi.
- Use web- or app-based two-factor authentication for accounts that support it.
- Turn on BitLocker Drive Encryption (to ensure your Windows hard drive is encrypted).
Feature photo by Micah Williams on Unsplash.