Managing Passwords Before Shopping Online
Everyone hates passwords and no one wants to remember them but they are still our first line of defense in the fight against Cyber criminals. Nevertheless, the most common passwords are still “password” and “123456”. Until passwords are no longer required, you should create complex passwords at least 10-15 characters long, with upper and lower case letters, numbers, and special characters (i.e.!#$%^&*). The longer and more complex it is the better and the harder it is to crack.
Changing passwords frequently is also necessary to protect yourself. Users whose information was compromised in the Target and Home Depot breaches, were told to change their passwords immediately in case a hacker attempted getting into their accounts. It is suggested that you change your password at least every 30-45 days and have a different password for every website or account you use. This is especially the case during the holiday season.
Having multiple long, complex passwords and constantly changing them makes it impossible to remember any of them. Password Manager applications were designed to store all your personal information such as User IDs, passwords and even credit card information. Which application you use is not as important as the features it has. Most importantly, it must be encrypted. Most password managers are using 256 bit AES encryption. This is the highest level of encryption currently available. Storing passwords in unencrypted notes applications or word documents is dangerous and easily breached. Once your password manager is installed it will be the only password you need to remember but it is still important that password follows the complexity requirements above.
The second most important feature of a password manager is the ability to support multi-form factor authentication. By this I mean, the ability to require at least two forms of authentication such as:
- Something you know – User ID / Password
- Something you have – A mobile device that can provide you a PIN when logging in to an account.
- Something you are – BiometricsBy requiring multiple forms of authentication you can secure your private passwords and limit the possibility that someone will break into your manager and steal them.
These two basic features are included in most free versions of password managers and are the most critical. Other features included for convenience but do not necessarily increase the security of the applications and may require purchase of the premier versions.