Password tip

Passwords are the keys to your online house. You wouldn’t leave your home unlocked when you leave for work, and you should do everything you can to protect your online house and prevent those who wish you ill from gaining access. 

So, how do you create a good password? 

Remember the phrase “long and strong.” Good passwords have a minimum of 12 characters and a mix of upper and lowercase letters, numbers and symbols. 

Better yet, the experts at the National Institute of Standards and Technology say to create a passphrase that uses a few normal words or phrases that have a unique association to you; words that are connected in your mind, but not the same in others’ minds. These are much easier to remember, but harder to guess (as long as your words aren’t also a grouping that is easily guessed, such as the names of your children or colors of the rainbow). 

Examples might be words that come to mind when you think of your house, such as “ b l u e c o r n e r f a m i l y m a p l e , ” or your hobbies, such as “travelboatrelaxsunny.” 

How do you ensure your password protection stays safe? 

•Never share your passwords. 

•It’s OK to make passwords unique to your life, but not something that is easily guessed. 

• H av e a d i f f e r e n t , u n i q u e password for each account. 

• G e t a p a s s w o r d m a n a g e r program to help you remember your passwords. If you write them down, store them in a safe place away from your computer. 

•Change your passwords several times a year. 

Are passwords the only form of protection for my account(s)? 

Typing a username and password isn't the only way to identify you. Some web services add to their security features with two-factor or multi-factor authentication that may include an additional form of authentication to verify your identity, such as: 

•Biometrics such as voice ID, facial recognition, iris recognition and finger scanning 

•A one-time security code.(usually sent via phone call or text) 

•A security key or token; a small device (most often used via a USB port or in conjunction with a smartphone) that is used when logging in 

In some cases, two-step and multi-factor authentication services may be available, but are not required. Ask your financial institution and other online services if they offer these methods or additional ways to verify your identity. The National Cyber Security Alliance also offers authentication tips and a guide on how to turn on strong authentication for several popular online services at strong-authentication/.