How easy would it be for someone to hack your favourite go-to password?
That’s a trick question: You shouldn’t have a go-to password that you recycle across your various digital products and services. Instead, you should try to come up with a different secret password each time.
A good password isn’t elegant-looking and easy to remember. In fact, “ugly” passwords — ones that contain a variety of characters in unusual combinations — are far harder to crack. Using special software that can make 15 million guesses per second, hackers can crack most passwords in a matter of hours — or even faster, if you use a really common password.
Unfortunately, most people use only a few passwords and change them infrequently, if ever. The most common passwords in Canada include “123456,” “keeptrying,” “welcome” and, of course, “password.”
Here are six tips on how to protect your passwords:
Use a “passphrase” instead of a single word. Your phrase should be relatively long, at least 12 characters, and include random words, numbers and symbols. Choose something that you will be able to remember but that others couldn’t come close to guessing, such as: “I love Michael Buble’s Christmas album” = i<3MB/Chri$tm@s!
Use a different password for each account, especially for sensitive ones such as bank accounts, credit cards, legal or tax records, or medical files.
When it’s available, use two-factor authentication. This requires both your password and an additional piece of information. The second piece is generally a code sent to your phone or a random number generated by an app.
Change your passwords regularly. It’s a pain to change and then remember all your new passwords, but it’s one of the best ways to keep your private information safe.
Consider a password manager. A written list would be best, but keep the list updated as well as secret. If you’re worried about losing it, consider a reputable password app that can store all your password information and security answers in case you forget.
Avoid easy passwords, like your pet’s name, mother’s maiden name, the town you grew up in, your birthday, etc. A strong password has at least 10 to 12 characters and a mix of upper- and lowercase letters, numbers and symbols.
The Government of BC says that a password with five characters and uppercase and lowercase letters (e.g. “Apple”) would take only 25 seconds to crack. Meanwhile, a password with more than 12 characters, including numbers, symbols and a variety of uppercase and lowercase letters (e.g. B3tterBu!sn3ssBure@u), could take 1,000 years.
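The 25-second figure for “Apple” matches an exhaustive search at the 15 million guesses per second quoted earlier. The sketch below is an added example, not taken from the sources cited here: it assumes a 33-character symbol class and a worst-case search of every combination, and it checks only the four common passwords this article names. Its result is an upper bound, since passwords built from real words are usually guessed far sooner than a full search would take.

```python
import string

GUESSES_PER_SECOND = 15_000_000  # guessing rate quoted in the article
# The common passwords the article names; a real check would load a far larger list.
COMMON_PASSWORDS = {"123456", "keeptrying", "welcome", "password"}
ALNUM = string.ascii_letters + string.digits


def alphabet_size(password):
    """Count the symbols an attacker must try per position, by character class."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c not in ALNUM for c in password):
        size += 33  # assumption: 32 ASCII punctuation marks plus the space
    return size


def exhaustive_seconds(password, rate=GUESSES_PER_SECOND):
    """Worst-case time to try every string of this length over this alphabet."""
    return alphabet_size(password) ** len(password) / rate


def estimate(password):
    """Return (method, seconds); listed passwords fall on the first guesses."""
    if password.lower() in COMMON_PASSWORDS:
        return ("common list", 0.0)
    return ("exhaustive", exhaustive_seconds(password))


def humanize(seconds):
    """Express a duration in the largest unit that fits."""
    for unit, span in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= span:
            return f"{seconds / span:,.0f} {unit}"
    return f"{seconds:.0f} seconds"


if __name__ == "__main__":
    # Sample passwords taken from the article's own text
    for pw in ("password", "Apple", "CanucksFan/92", "i<3MB/Chri$tm@s!"):
        method, secs = estimate(pw)
        print(f"{pw!r:22} {method:12} {humanize(secs)}")
```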
Make an Ugly Password in 3 Steps
Good:
Use a mix of uppercase and lowercase letters: Canucksfan becomes CanucksFan.
Time to hack: 1 minute
Better:
Use numbers and characters: CanucksFan becomes CanucksFan/92.
Time to hack: 1 hour
Sources: Government of British Columbia, BBB, Interac