World Password Day 2019: How to create strong passwords, manage them and stay secure online

Time's up on using '123456' as a password online 
Amelia Heathman2 May 2019

We all know having a strong password is integral to staying safe online.

But how many of us are guilty of using ‘qwerty’, ‘123456’, or even ‘password’ online?

According to SplashData, these three passwords regularly top of its 100 worst passwords of the year list.

Yet, this is actually pretty dangerous. Last year, there were 1.4 billion personal email and password combinations for sale on underground auction sites in 2017 according to Norton.

Security researchers, such as Troy Hunt with his HaveIBeenPwned.com website, spend their time dedicated to collecting the emails found in data dumps on the dark web to show people just how easy it is to hack their account.

And it’s not just your email address. According to research by security company Symantec, attacks against connected devices, such as wearables and routers, have increased by more than 600 per cent last year.

It’s really not that hard to create a strong password and use it to protect your data, whether that’s a wearable or your email account.

Here are the best tips for staying safe online.

How to create a strong password

Make sure it is complex and unrelated to yourself, advises Parcel2Go. So don't use your partners’ name, their date of birth and certainly not your own.

Instead, choose a long password, which includes numbers, lowercase, uppercase, and symbols.

The more complex it is, the harder it will be for cybercriminals to crack.

Once you’ve come up with your strong password, you can check how good it is. Use password checking tools such as howsecureismypassword or passwordmeter to evaluate its strength.

Now you have your strong password, here’s how to protect it.

Use a password manager

Rule number two of online security is do not use the same password twice. But it can be hard to remember all those secure combinations, right?

That’s where a password manager comes in. LastPass or KeyPass offer free password managers. Or you can pay for Dashlane, which comes in a handy app on iOS and Android.

Use two-factor authentication

Most websites offer two-factor authentication now without you realising it. It adds an extra layer of protection between your data and a hacker.

For instance, Gmail. When you forget your password for Gmail, it often asks you to prove yourself using a code texted to your smartphone or via a call. Google uses this to prove it is you.

For other services, you can choose to add two-factor authentication during the login process – either by scanning your fingerprint or typing in a pin.

Change your passwords regularly

Every now and again, it’s worth checking sites like HaveIBeenPwned.com to see if your email address is being sold on the dark web somewhere, particularly when a big data breach has been announced.

And, it’s worth changing your passwords regularly too, to keep ahead of issues like this.

Now you have your handy password manager to store them all, it makes it easier to keep all those strong passwords secure.

Hope for biometrics

Last month, NatWest introduced the first biometric debit card, which relies on a biometric reading of your fingerprint instead of a PIN to authorise payments.

HSBC recently announced that its voice biometrics system has been used 15 million times since it launched in 2016, and has prevented over £300 million of customers' money from getting into the hands of telephone fraudsters.

Given the many issues that can arise from password breaches, biometrics are one way to improve security. Mark Crichton, senior director of security product management at OneSpan, believes more companies should look to password-less authentication to protect their customers.

"It’s clear that passwords alone are no longer enough. This is why there is an increasing need to evolve the intelligence, strength and complexity of the systems that work alongside passwords. Banks and other industries need to take more ownership of authentication to help detect fraudulent account access," he said.

According to research by Nuance, 64 per cent of UK adults said they feel comfortable with biometric technology.

A password-less future could be on its way.

Create a FREE account to continue reading

eros

Registration is a free and easy way to support our journalism.

Join our community where you can: comment on stories; sign up to newsletters; enter competitions and access content on our app.

Your email address

Must be at least 6 characters, include an upper and lower case character and a number

You must be at least 18 years old to create an account

* Required fields

Already have an account? SIGN IN

By clicking Create Account you confirm that your data has been entered correctly and you have read and agree to our Terms of use , Cookie policy and Privacy policy .

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged in