Password Best Practices
How to keep your online accounts safe
Having a strong and secure password is one of the most important tools when it come to safety online. Without a secure password, your account and information can end up in the wrong hands, or worse, published on the Internet for anyone to exploit.
To help you understand what makes a good password, we've compiled some myths, tips, and best practices on password management below.
Password Myths
Tips for Strong Password Security
Use different passwords for different things
Using the same password for everything makes logging easy, both for you and for a hacker. If that password is leaked or compromised, multiple accounts are all at risk!
Use unique passwords whenever possible, and especially avoid using the same password for multiple, important accounts. This is particularly important for email accounts, which are often used for password resets.
Try a random, pronounceable password generator
Random, pronounceable passwords are passwords made up of randomized, normal words. These are far easier to memorize than random characters, but because of their length, can be almost uncrackable!
To use this style password, your password must be truly random. Consider using a password generator like this one. Try generating passwords until you find one that makes you laugh - connecting your password to humor makes it easier to remember!
Consider completely random passwords, stored in a password manager
Password managers like LastPass, 1Password, Enpass, and Dashlane offer a very powerful and secure method of password protection: completely random passwords.
To use this method, set up your password manager with a primary password that you will not forget. Then, every time you create or change a password, use a completely randomized, 20 character (or more!) password.
Randomized passwords of this length are nearly uncrackable. You'll never need to memorize them - just store them in the password manager, and autofill them when needed. As long as you remember your primary password, your accounts will remain nearly unhackable!
Put a password on your computer and a PIN on your phone
Many people save their passwords in an unlocked file on their phone or computer. While this is a step up from the classic post-it note, this is still extremely exploitable. The ITS Help Desk definitely recommends using a password manager instead, which is much more secure.
However, if you must use this method, set up a PIN and/or password lock your phone and computer. That way, if it is stolen, your personal information is not at risk!