I’m sure there are many of you thinking about what New Years resolutions to make (and keep), hopefully it’s a list of positive changes and not just cutting out cake and chocolate (I love cake, that’s definitely not on my list).
This year please add one resolution that’s easy to keep… change your password!
The internet can be a scary place, but it’s part of our every day life and we’d be lost without it.
With so many services available to us, it’s easy to use the same password everywhere, or simple ones that are easily remembered across different services, but it’s time to make a change, a new years resolution to make it harder for cyber criminals\malicious actors\bad people take advantage of you.
We know it’s a nightmare to remember all of our passwords, but if someone manages to guess your password or if it gets on a list of compromised logins available freely or to buy online, it can cause you such a headache. This is such a simple change, one that we all should be doing regularly, so please take a few moments to read these tips and start 2022 as cyber safe as you can.
• Try to use a complex password – please, please, please don’t use ‘12345’ or ‘Password1’ for anything! Many criminals will use lists of known passwords like the 2 mentioned above and ‘spray’ these lists at multiple services seeing who might have used them, it’s the old adage, throw a load of mud and see what sticks. Try using a small random sentence as your password, versus a single word and number, such as ‘johnnyrodeagiraffetolasvegasinpinksplippers’, you can get quite creative with this approach! That example would take a computer about 6 tredecillion years (long long time) to crack, whereas ‘password123’ would take less than a month for a computer to crack. Want to see how long the experts think your password will take a computer to crack, check out https://www.security.org/how-secure-is-my-password/
• Don’t re-use passwords for more than one site or service – password re-use can expose many of your accounts; a criminal only has to ‘hack’ one service provider to gain access to a bunch of other service you have used your password on. If they get access to your email account, they’ve hit gold! They can see all the emails you’ve had from all of your different accounts and if you haven’t used the same password they found to get into your email, they can probably just request a password reset link to your email address. If we can convince you to change one password regularly, make it your email account.
• Don’t save passwords in a text, word or excel file on your computer – you don’t leave your keys in the front door overnight, so don’t leave passwords lying around either. If you have many passwords and think it would be difficult to remember them all, (now that they are complex and different for each service… wink wink nudge nudge), try using a password manager. This is an application you install that requires you to setup 1 strong password and acts as a vault for all your passwords. Do a little research online and you will soon find a few consistently good ones listed in multiple reviews. You may find your mobile phone can do this for you already.
• Try to use Multi Factor Authentication / 2 Factor Authentication – might sound complex, but the chances are you have seen this working already; try resetting your banking app password and you get sent a 1-time pin or code to a registered email address or number, sound familiar? It’s similar to this process, but you get the additional code every time you sign into the service. As the second code is random between you and the service, makes it harder for the criminals to know that second bit of information, adding additional layers of security to you gaining access to an online service. We have this feature, super simple to set up and we’ve even done a guide https://www.names.co.uk/support/articles/enabling-two-factor-authentication-for-the-control-panel/