Whether it's a huge credit card data leak or Zoombombers usurping online classes and events, it’s become increasingly obvious that insufficient password security can lead to headaches… or worse.
As a savvy reader of Debugger, you probably already have a password manager. But perhaps you know someone who doesn't and you're tired of explaining why they need one, so just send them this article instead.
Using different passwords for different sites helps. But even that first step leads to a drop-off in consumer followthrough. A survey from YouGov found that 71% of us use the same password for two or more accounts, and 26% of us use the same password for most or all of our accounts.
No, Really – It's Time To Get A Password Manager - Post Outline
If it feels like you’re juggling a lot of passwords, you’re right. The average consumer maintains between 70 and 80 logins, and households in 2020 averaged between eight and ten devices, with global device production continuing to rise. A report from Cisco estimates the total number of devices in use to increase by 50% between 2018 and 2023, a projection that might have been modest in light of the pandemic. More devices, particularly ones without airtight data security, mean more entry points for hackers to get in.
Related: It's a Huge Mistake To Memorize Your Passwords
Having a strong password of 25 random characters for 70 to 80 accounts across multiple devices is… a mood. Oh, and you’ll also need a system to easily swap out individual passwords at a moment’s notice when a dreaded “Suspicious activity alert” email appears in your inbox. Enter the password manager, a glorious little tool that will both help you be more secure and free up precious brain space.
If you haven’t migrated to one yet, now’s the time. Indulge me the opportunity to scare you with a brief rundown of all the ways your password gets stolen.
All The Ways Your Passwords Leak
First things first: Has an email address-based login of yours already been breached in the past? The website Have I Been Pwned is a quick, panic-inducing way to see if any of your email accounts have been involved in a data leak. Once you know how hackers end up actually getting your password, you have another incentive to make personal cybersecurity a priority. So here’s a shortlist of the most common ways your login credentials end up in the wrong hands:
- Credential stuffing refers to any hacking efforts that leverage breached database information, which is often swirling around on the dark web or in underground circles. Earlier this year, 500,000 Zoom account logins were up for sale on the dark web for less than a penny each.
- Brute force attacks refer to targeted cyberattacks in which a hacker attempts to steal a large number of passwords on one account. Hacker algorithms can run a dictionary’s worth of words and word combinations in a matter of minutes, so if your Rottweiler named Scout has been your password muse, it’s time to raise your game.
- Password spraying utilizes the opposite strategy. In a password spraying effort, hackers take a lazy password like “123456” and use it to attempt login for thousands or millions of users at once.
- Keyloggers are quiet-yet-devastating malware that, once on your computer, record all your keystrokes without you knowing it. Only see those black dots when you type your passwords in? Doesn’t matter; a keylogger is still catching and recording your character combinations.
And then there are phishing emails, which havebeen around for years. That’s because they work. Emails that masquerade as bank statements or password change requests are particularly effective at fooling users into handing over their login credentials on a silver platter.In short: No one password will be perfectly secure, because hacker tactics are evolving all the time. You’re better off having a setup that makes it simple and painless to store and swap out unique passwords for your different logins, and a password manager is the quickest, easiest way to achieve this goal.
Improving Your Password Hygiene
In a password manager, you have one ‘master password’ that unlocks your dashboard of various logins and passwords. While some password managers have a small fee, the cost is nominal compared to the headache of being locked out of your logins. I personally use 1Password, which has a free 30-day trial; LastPass, Dashlane, and Keeper are other popular options.
Here are a few other tips to shore up your security online:
- Enable two-factor authentication. 2FA is one of the best actions you can take to improve your data security and privacy. Whenever you or someone else tries to log in on a new device, 2FA kicks in, sending you an SMS text or prompting you to use an authenticator app to confirm your identity. Authenticator codes aren’t stored in a password manager, but having the two technologies working side-by-side makes your digital identity much harder to hack.
- Update your passwords frequently. Every 90 days is a good rule of thumb, and you may want to change them even more frequently. The good news about a password manager is that you can easily go down the list, swap out all your passwords, and be on your way. Speaking from experience, this can be done in one sitting and pairs nicely with a glass of Malbec.
- Follow basic password hygiene. Recording your password anywhere in writing on your computer is a no-no; it’s time to trash that digital post-it note that has your entire life on it and get with the times. You’ll thank yourself later.
I know what you’re thinking: “But what if my password manager password gets hacked?”
Password managers encrypt their passwords, and even if a hacker were to acquire your master password through something like a keylogger, setting up two-factor authentication will make it tougher for anyone to actually get in.
Transferring over to a password manager takes some time and patience, but once you get used to it and forget all your passwords, you’ll never want to go back. Take the time to research your options, migrate yourself over, and have a little more peace of mind whenever digital drama bubbles to the surface.
Thanks for reading. 🙏🏼
Keep up the momentum with one or more of these next steps:
📣 Share this post with your network or a friend. Sharing helps spread the word, and posts are formatted to be both easy to read and easy to curate – you'll look savvy and informed.
📲 Hang out with me on another platform. I'm active on Medium, Instagram, and LinkedIn – if you're on any of those, say hello.
📬 Sign up for my free email list. This is where my best, most exclusive and most valuable content gets published. Use any of the signup boxes in this article, or go to the newsletter page here.
🏕 Up your marketing game: Camp Wordsmith™ is my business and writing program for small business owners and online entrepreneurs. Get instant access to resources and templates guaranteed to make your marketing hustle faster, better, easier, and more fun. (It's also "glamping"-themed – who doesn't love luxurious camping?!) Learn more here.
📊 Hire my marketing company: Hefty Media Group provides consultation and done-for-you services in content marketing. We're a certified diversity supplier with the National Gay & Lesbian Chamber of Commerce, and we'll make you sound damn good via the written word. Learn more here.
© 2021, 2022, Hefty Media Group. All Rights Reserved.