keyboard with key on top

Happy #WorldPasswordDay!  The first Thursday of May is designated World Password Day, and it’s intended to promote better password habits to help safeguard our digital identities.  With cybercrime on the rise and data breaches becoming almost commonplace, it’s more important than ever to protect these keys to our kingdoms.  Take a moment today to review these tips to secure access to your accounts.

Use Strong Passwords

You know this…but do you follow this advice?  A recent study of hacked accounts showed that 23.2 million victim accounts used 123456 as the password.  Make your passwords strong  – a combination of upper and lower case letters, numbers, and special characters is best.

Use a minimum of 12–15 characters – longer is better!  Length is even more important than complexity, and long “pass phrases” can actually be easier to remember.  Don’t use easy-to-guess information, such as birthdays, sports teams, or band names, and don’t use dictionary words.

Don’t Use The Same Password On Different Systems

When you’ve picked out a great strong passphrase, it’s tempting to use it everywhere.  Don’t do it!  Even the strongest password does you no good if it’s been exposed in a data breach.  Cyber criminals often take passwords gleaned from a breach, and try the credentials on other systems.  If your social media account is compromised, and you use the same password and email address for your bank account…well, that’s a problem you don’t need.

Web security expert Troy Hunt created a great free resource which collects data on known breaches to help people assess whether their information may be at risk.  Check out Have I Been Pwned to see if any of your accounts have been compromised in a data breach.  (Spoiler:  the answer is probably yes!)

LastPass is a great password management tool for you, your family, or for a business team. (Disclosure: This is an affiliate link, which means I may get a small commission if you purchase through this link. There is no extra charge to you and there is no requirement to purchase through this link to get the latest deal.)

Use A Password Manager

So, I’m supposed to use long, strong passwords, and different passwords for everything – how am I supposed to remember all this?  If you follow best practices for passwords, it’s impossible to remember and keep track of them all – this is where password managers come in.

A good password manager will securely store unique login credentials for all your different accounts.  You only need to remember the master password to the password management tool itself.  Features vary depending on the tool you choose, but many password managers allow you to autofill using a browser extension (be cautious!), sync passwords to use on desktop and mobile devices, help you change passwords on your accounts, and generate strong passwords to help keep your accounts secure.

Most password managers are relatively inexpensive, and many have free versions that may work for you.  I personally use LastPass, but it doesn’t matter what you use, just use one!

#LayerUp Your Login

Yes, it’s World Password Day, and since passwords are still the most prevalent way of protecting an account, we need to follow good password practices.  However, the best password in the world is useless if it’s been exposed in a data breach.  The theme for this year’s World Password Day is #LayerUp – further protect your login by using multi-factor authentication (also known as two-factor authentication).

Multi-factor authentication adds another layer of protection to your accounts by requiring an extra step, such as entering a code sent to your phone, a code generated by an authentication app on your mobile device, or authentication with a separate hardware key.  This may seem a little inconvenient, but it’s a lot less hassle than trying to get your money back if your bank account is hacked or having to cancel your credit card after a major data breach.

Most major companies now have the option to turn on two-factor authentication to help prevent fraudulent access and add additional protection to your account.  Check out these tutorials to learn how to enable this additional protection for many popular services.

Your personal information is valuable – protect it!  Take a moment to celebrate #WorldPasswordDay by reviewing your accounts for strong passwords, and enabling multi-factor authentication on your most important accounts.  #LayerUp and stay safe online!