Tip: How to secure and test your passwords

by Fabián Núñez 13, Dec, 2016

Password and data leaks are so common nowadays that you can't be sure which site was hacked last. In the last couple of months, users of big companies such as Last.fm, LinkedIn, Yahoo!, Blizzard Entertainment and even Sony had their accounts hacked and their personal data exposed.

A Last.fm password hack doesn't seem particularly harmful, but the truth is that most people use the same login/password for every site they have an account on. That means if someone got your Last.fm password, they've possibly got your Gmail and PayPal passwords too, and can use your information for identity theft and account hijacking.

Here are a few tips to make your digital life a bit safer.

How not to be a victim of password theft (or at least make it tougher for account hijackers)

Internet Security 101 is as simple as having a few different logins and passwords for your favorite websites. Three usernames, each with a different password, is a good and easy idea: one super tough for those extremely-important-accounts, another not as difficult for your social network sites and public profiles, and one easy-peasy for those accounts you don't mind at all. The most secure option would be to have a different password for each site, but logins and passwords are almost as forgettable as phone numbers.

If you're a paranoid parrot and really want an OMG password for your most important accounts, the GRC | Ultra High Security Password Generator allows you to create strings of random printable ASCII characters, not just alphanumeric. There's a problem though if you don't remember strings like w$:s;Sw43,89V}0G+E_TvK=, but once you save it in your browser you won't have to type it in again. And if you're worried that someone will steal your computer and hack your accounts, worry not! You can always erase your stored passwords with Prey's Secure module.

If you choose to create your own passwords based on things you like or will easily remember, keep in mind that most single-user password hacks are made by bots using brute force: trying dictionary words again and again.

Passwords like 123456, password, qwerty or your date of birth are easily remembered, but also easily guessed. You could use dictionary words, but include caps, numbers and non-alphanumeric characters such as dots, commas, colons, semicolons or question marks. For example, Where;is:the!B4throom? is a very strong password and not that hard to learn.
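The two ideas above (a random printable-ASCII password like the ones the GRC generator produces, and the easily guessed choices to avoid) can be sketched locally in Python. This is an added example, not code from the original post or from GRC; the function names, the 24-character default and the list of date-of-birth spellings are assumptions made for illustration.

```python
import math
import secrets
import string
from datetime import date
from typing import Optional

# Printable ASCII without the space character: 94 symbols.
ALPHABET = string.ascii_letters + string.digits + string.punctuation

# Constructed sample list: the three weak passwords the article names.
COMMON_PASSWORDS = {"123456", "password", "qwerty"}


def generate_password(length: int = 24) -> str:
    """Draw each character uniformly from ALPHABET using the OS CSPRNG."""
    if length < 1:
        raise ValueError("length must be positive")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def random_entropy_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Entropy of a uniformly random string; not valid for human-chosen passwords."""
    return length * math.log2(alphabet_size)


def birthday_variants(born: date) -> set:
    """Digit-only spellings of a date of birth (assumed list of common formats)."""
    d, m = f"{born.day:02d}", f"{born.month:02d}"
    y4 = f"{born.year:04d}"
    y2 = y4[2:]
    return {d + m + y4, m + d + y4, y4 + m + d, d + m + y2, m + d + y2, y4}


def weak_reason(password: str, born: Optional[date] = None) -> Optional[str]:
    """Return why a password is trivially guessable, or None if no rule fires."""
    if password.lower() in COMMON_PASSWORDS:
        return "common password"
    if born is not None:
        digits = "".join(ch for ch in password if ch.isdigit())
        # Flag passwords that are a birthday plus at most two separators.
        if digits in birthday_variants(born) and len(digits) >= len(password) - 2:
            return "date of birth"
    return None


if __name__ == "__main__":
    pw = generate_password()
    print(pw, f"{random_entropy_bits(len(pw)):.0f} bits")
```

The entropy figure only applies to passwords produced by `generate_password`; a `None` from `weak_reason` means none of these two rules fired, not that the password is strong.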

As a tip, try using the first two letters of things you really, really like: songs, movies, videogames, etc. For someone who is nuts about "Whole Lotta Love" by Led Zeppelin, LeZeWhLoLo'69 is a very strong password. It includes the first two letters of each word of the band's name and of the song, an apostrophe and the song's release year (all the things a true fan would know), and it also follows our previous guidelines: caps, numbers and non-alphanumeric characters. Too easy? Go and test it at How Secure Is My Password.

I can't even remember my cellphone number, how am I supposed to get three different passwords?

Our memory works in mysterious ways and not all people are equally gifted. Luckily for them, there are password manager apps that store your passwords and disclose them using a single password. You still need to create and remember at least one, and it had better be strong. If you're going to use a password manager app, we recommend LastPass. It's free and works on Windows, Mac, Linux and a variety of mobile devices; it saves and encrypts your passwords on your computer, which is more secure than a browser's default saving option, making brute force attacks pretty useless.

If you choose to use LastPass, you can generate insanely strong ASCII passwords using GRC, generating a different password for each of your accounts.

Too long, I didn't read the whole post

Here's a quick summary of good practice for keeping your passwords safe and secure.

  • Many sites have been hacked lately and their users' data exposed.
  • Using the same login and password for every site allows hackers to hijack all your accounts.
  • Use strong, different passwords.
  • If you can't remember them all, try LastPass.
Fabián Núñez

Head of Sales and Customer Happiness at @preyproject. I love tech and Asian food. Headbanging since 2002. Overall badass.