September 4, 2018
Step #1: Choose a password manager
The best way to ensure your passwords are secure is to use a password manager like 1password, Lastpass or Keepass. These services generate encrypted passwords for every website you use. You will then create one master password to use for logging into all of your accounts.
Step #2: Create an unbreakable master password
This code can open up every password of yours to potential scammers; so be extra careful about choosing one that is virtually unbreakable. Follow these rules for a strong password:
- Make it long. Many sites require a password that is a minimum of 8 characters long, but a 12-character password is even stronger.
- Be creative. Avoid using names, places and recognizable words, since these are easily cracked.
- Mix it up. Vary your capitalization and the kinds of characters you use, switching back and forth from letters to numbers to symbols.
You can run your password through an online password checker like the one on OnlineDomainTools.com
to test its strength. Once you've created a super-strong master password, work on memorizing it. Write it down and then rip up the paper as soon as you've memorized it.
Step #3: Update all your passwords
Next, sync all the websites and accounts you use with your password manager. Follow the guidelines on your password manager for this step, as they differ with each service.
When you're through, you'll only be able to log into these sites with your master password.
Some sites employ outdated systems that won't work with a password manager. For these sites, you will need to use different passwords. You can slightly amend your master password for these sites or create new ones using the guidelines above. Use a different password for every site.
Step #4: Use two-factor authentication
Add another layer of protection by choosing two-factor authentication whenever you have that option.
Step #5: Be careful with security questions
Security questions are extremely insecure; anyone can Google the answers. If all a scammer has to do to retrieve your password is answer a security question, the strongest password is worthless.
Treat security questions like passwords. Never answer them truthfully. Instead, make up mnemonics or nonsensical answers that are difficult to crack, but easy for you to remember.
Step #6: Don't let your browser or phone "remember" your passwords
Keep your passwords in your head and not on your devices. Otherwise, you'll be in deep trouble if your computer or phone is swiped.