To keep your accounts safe, you need a strong password, right? Sounds simple enough. Unfortunately, we’ve been fed myths and poor habits when it comes to password health, and some of us might still be engaging in bad password habits, thinking they’re actually doing some good.
It’s time to start dispelling some password myths.
Myth 1: Change your password often
You shouldn’t arbitrarily change your passwords unless you have a specific reason to (see our article). If a company was breached, then you can change the password, but otherwise, there’s no reason to change your password regularly. Changing it also raises the risk that you’ll reuse a password or skip the effort of making it complex enough to be secure.
Myth 2: You should replace ‘l’s with ‘1’s and ‘s’s with ‘$’s
Let’s say you’re asked to add a special character to your password or, of your own volition, you want to make your password more complex, so you start replacing ‘s’s with dollar signs, ‘l’s with 1s, and so on.
Except hackers looking to get into an account know these tricks, and they’re among the first things they’ll try. While such a password may pass the test of a machine asking you to make a strong password, it doesn’t actually do much to protect you.
Instead, either make more random substitutions – use an & for a U or a $ for a K – or just add a random combination of numbers and/or special characters to the end of your password. It’ll make your password much stronger and harder to crack.
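For anyone building the "machine test" mentioned above, here is an added example (not from the original article) of why a character-class rule alone accepts these passwords, and how undoing the predictable swaps before a denylist lookup catches them. The word list and every swap other than 1-for-l and $-for-s are assumptions made for illustration.

```python
import re

# Constructed sample denylist (assumption); a real check would load a large
# list of common and previously breached passwords.
COMMON_WORDS = {"password", "dolphins", "welcome", "football"}

# Predictable look-alike swaps. '1'->'l' and '$'->'s' are the ones the article
# names; the remaining entries are assumed for illustration.
LEET_MAP = str.maketrans({"1": "l", "$": "s", "0": "o", "3": "e", "@": "a"})


def passes_composition_rules(password: str) -> bool:
    """The usual sign-up test: minimum length plus one of each character class."""
    patterns = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    return len(password) >= 8 and all(re.search(p, password) for p in patterns)


def is_disguised_common_word(password: str) -> bool:
    """Undo the swaps and case changes, then look the result up in the denylist."""
    return password.lower().translate(LEET_MAP) in COMMON_WORDS


def check_password(password: str) -> str:
    """Run both checks and report which one, if any, rejects the password."""
    if not passes_composition_rules(password):
        return "rejected: composition rules"
    if is_disguised_common_word(password):
        return "rejected: common word with predictable substitutions"
    return "accepted"


if __name__ == "__main__":
    # Constructed sample passwords (never use any of these).
    for candidate in ("password", "Pa$$w0rd", "Do1phin$", "Tr&ck-9fQz#mu"):
        print(f"{candidate!r:18} rules_ok={passes_composition_rules(candidate)!s:5} "
              f"-> {check_password(candidate)}")
```

Both `Pa$$w0rd` and `Do1phin$` satisfy the composition rules yet are rejected once the swaps are undone, which is the gap between passing the machine's test and being hard to guess.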
Myth 3: Every account requires a strong password
Here’s another myth that requires a balance between security, practicality, and risk. Your bank account and email account? Those need strong, long, and complex passwords because there’s huge financial and reputational risk if those accounts were ever breached. But that hobby forum you log into once a month or that app you signed up for and hardly ever use? There’s little to no risk if that account were compromised.
Rather than burning out trying to create and remember complex passwords every time you make a new account, just make sure your efforts are in the right place – the accounts that matter.
Myth 4: Never write passwords down
You may have heard that you should never write down your password because it can be spotted, seen, and stolen, but in reality, the risk of someone coming into your home to steal your password is quite low. If you don’t use a password manager, this is a decent plan B, especially if it helps you use a strong password. Just make sure it’s not within sight of any webcams. 🙂
Myth 5: Answer security questions truthfully
At this point, consider security questions as if they asked you to create another password. While security questions are often designed to ask “personal” questions, in these days of social media, where you grew up, your best friend’s name, or your first pet aren’t too difficult to find out. You’re better off just answering with another password or a passphrase.
As you continue to secure your account and create strong passwords, keep these tips in mind and you’ll find that staying secure isn’t all that difficult.