Updated 1/14/2022. In this article, we discuss the passphrase method for password creation, using a password manager, setting up 2- or multi-factor authentication, and the importance of security around your email account.
We’ve all been there. You can’t log in to your bank app to find out your routing number for the millionth time; you can’t get into your work email while a customer waits to hear back; you can’t get into your car insurance app to prove you are, indeed, insured. All because you have too many passwords and can’t keep track of them all! We get it! Some sites ask you to reset your password a ridiculous number of times, the suggested passwords aren’t memorable and passwords aren’t always saved across all devices. The most embarrassing part can be having to contact your IT Support because you’re locked out of your account! We’re here to help. The two options below, the passphrase method and a password manager, are great solutions for small businesses, individuals or even large teams!
This low-tech formula we suggest is referred to as the passphrase method. It goes as follows:
Pick your phrase. This will be the main part of all your passwords. It should be two words—one that has significance to you, and an adjective for that word. As long as you avoid information or names that’ll reveal your identity, you’re good to go! Here’s an example:
- Growing up in the north, I swam year-round. To this day, swimming has a special place in my heart. That’ll be my significant word: swimming. Now I’ll describe how I felt: Joyful. So my phrase will start with JoyfulSwimming. Take note of the two capital letters!
- Next, to please the password gods that demand usage of all character types (it’s for our own good, but man can it be a chore!), let’s add a symbol and number.
- So now my phrase is JoyfulSwimming*5.
What follows depends on the site you’re logging in to. We suggest an abbreviation of said site. So, following my above examples, it could be WF for Wells Fargo, OK for Outlook and GC for Geico.
Here are the final passwords:
- JoyfulSwimming*5WF
- JoyfulSwimming*5OK
- JoyfulSwimming*5GC
This method is handy because you don’t have to remember the entire password–just the abbreviation at the end! Additionally, since each abbreviation is unique, it’s a long-term solution to your password mess as you gain new logins. Lastly, when you realize your password isn’t saved, you (and only you) can easily guess it!
If you aren’t feeling creative enough, lack time to painstakingly do this for each login or need a system for your entire business, use a password manager! Our top two suggested managers are Bitdefender and Dashlane! Either of these systems can be implemented without any need for IT support services. The pros of using a password manager include:
- They reduce risk, much more so than saving your passwords to your phone or preferred browser.
- They’re available on multiple platforms, with multiple versions, depending on your needs.
- They can generate STRONG passwords for you, utilizing all character types. Say goodbye to the passphrase method!
- Once your passwords are saved into those managers, they’ll autofill for you when logging in to sites you use on a day-to-day basis.
- If your account is through work, you can (1) share logins with coworkers for sites your business operates through and (2) create a personal login and link the two!
- Bitdefender monitors your database and will let you know immediately if you were involved in a data breach. If this happens, they’ll even change the necessary passwords for you!
You won’t know what to do with all the extra time on your hands (literally), now that you aren’t having to reset your password or call for help each time you forget it!
Lastly, regardless of which method you use, PLEASE utilize two- or multi-factor authentication. This inhibits hackers from accessing your account because a second (third or fourth…) factor is needed to prove your identity. Common means are automated phone calls, emails, texts (more on that in a moment), or devices or apps providing a code that changes every 30-60 seconds. A couple of things to note:
- Thankfully, this is becoming very common. Utilize it wherever offered, especially your email! This is the most important login that must have 2- or multi-factor authentication enabled. Oftentimes when creating an account, you’ll now be prompted to set up the extra security step. Do it!
- Due to the insecurity of automated texts as the second factor, this strategy is lessening in popularity. We don’t recommend it because hackers can grab the text en route to your phone. Additionally, if you lose your phone, a hacker could get into any account. Our preferred method is an app that provides you with a code that changes every 30-60 seconds or asks for your verification. In-office, we use Duo and Google Authenticator.
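How an authenticator app's rotating code works, as an added example that is not part of the original article: the app and the site share a secret once at setup, and each side then derives the code locally from that secret and the current time (TOTP, RFC 6238), so nothing is sent to the phone at login. The secret below is a constructed sample (the RFC 6238 test key), and the 30-second step, 6 digits and HMAC-SHA1 are assumed defaults.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP_SECONDS = 30  # assumed default: each code is valid for one 30-second step
DIGITS = 6         # assumed default code length


def totp(secret_b32, unix_time, step=STEP_SECONDS, digits=DIGITS):
    """RFC 6238 time-based one-time password (HMAC-SHA1) for a base32 secret."""
    key = base64.b32decode(secret_b32.upper())
    counter = max(int(unix_time), 0) // step  # number of steps since the epoch
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32, submitted, unix_time, window=1):
    """Server-side check: accept the current step plus/minus `window` steps of clock drift."""
    for drift in range(-window, window + 1):
        expected = totp(secret_b32, unix_time + drift * STEP_SECONDS)
        if hmac.compare_digest(expected, submitted):  # constant-time comparison
            return True
    return False


# Constructed sample secret: the RFC 6238 test key, base32-encoded.
SAMPLE_SECRET = base64.b32encode(b"12345678901234567890").decode()

if __name__ == "__main__":
    now = time.time()
    print("code now:", totp(SAMPLE_SECRET, now))
    print("seconds until it changes:", STEP_SECONDS - int(now) % STEP_SECONDS)
```
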
When your computer support is through Partners Plus, an outsourced IT support company, we ensure, for your business’ safety, that you’re utilizing strong passwords and multi-factor authentication. And for good reason–we make sure you understand the importance! In general, a good rule of thumb is to implement these steps for any login for your phone, email, work, insurance, financial information or medical information. The most important login from this list, though, is your email. This login MUST have its own unique password, with 2- or multi-factor authentication enabled. Think about it–all other logins, including those from the above list, probably are connected to that email. If a hacker gets into your email account, they can get into everything.
We hope this article helps you manage passwords for your online presence, whether that’s personal or professional. Feel free to reach out to us, an outsourced IT company, with any questions, comments or concerns.