Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  
133,572 Happy Customers & Counting
Need tech support?
1300 769 448
Extended hours, 7 days a week
Home  /  geekspeak  /  How to make your online passwords really secure

How to make your online passwords really secure

Passwords for your internet banking. Passwords for your email account. Passwords for your social media accounts. Passwords for your work VPN. The number — and complexity — of passwords we have to keep accounts “secure” can be truly baffling.

There’s a very simple — and very bad — way to manage all of these, and that’s to simply use one or two passwords for all of your services, preferably something you can remember easily like a common word. You may have heard that this is a poor idea, but it’s more than that — it’s a shockingly bad idea, for two key reasons. Firstly, using a common word means it’s uncommonly easy for someone nefarious to ferret out, especially if it’s a dictionary word. You may as well call your password “password” if you’re going to do that.

Just in case I wasn’t clear enough there: Do not, under any circumstances, use “password” as your password.

Equally, it’s a bad idea to use the same password over multiple sites, especially if there’s any kind of money — whether it’s your bank, your credit card details or even something as seemingly innocuous as your date of birth — involved.

Why is that a bad idea? Simply because it sets up a weak chain. You might use the same simple password for your banking as for an online store you only used to buy something once, because your brain associates it with money, but if that store has its own security breach, your password goes with it. It’s a relatively trivial matter to hit multiple services with the same account details (typically your email address and that same insecure password), meaning that using the same password across multiple sites is a rather easy way to leave yourself open to all sorts of nasty attacks.

The issue then becomes one of remembering all your passwords, and this is where password management software can come to the rescue. There’s numerous packages, from the online LastPass to the open source KeePass, but all of them perform the same basic function. You sort out one, preferably strong (meaning a combination of numbers, letters, cases and punctuation marks) password. That’s the key to your password vault, which stores all the rest. Once you’ve got that kind of system in place, it doesn’t actually matter if you remember your passwords or not, because your password vault will. Most packages make it very trivial to set up long randomised passwords as part of basic functionality.

A strong password is good, but introducing multiple levels of authentication is even better; this is often called two-factor authentication, relying on methods that use a password as well as a single use key; that can be something you carry on you physically, or a code that’s sent to your phone via SMS, or similar. The advantage there is that even if your single strong password is compromised, the bad guys can’t get any further, because they don’t have the second part of the key. Two factor authentication can be quite secure (nothing is foolproof), but it’s a matter of working out whether the online services you use support it. Some banks do offer two factor authentication (usually via a random key sequencer that they’ll supply), but many online services don’t. It’s worth checking, however, especially for those accounts, like banking, that you want to keep especially secure.

Share

Recent News

These days we’re expected to have passwords for just about everything. Our social media accounts need a password. So do our email accounts, our online banking and much more. I’ve written in the past how it’s a very bad idea to use the same password for multiple services. The easy solution there is to use… More 

Google has just held its annual I/O developer’s conference, where it lets the folks who do the hard programming work into making apps and services built on Google frameworks get together to learn what’s new. At IO 2019, Google released new hardware such as the much more affordable Google Pixel 3a, which is available in… More 

Hey, have you heard the one about the Nigerian Prince who wants to give you millions of dollars? How about the supermarket reward voucher you can get for liking a Facebook post? What about that can’t-miss investment opportunity that the banks don’t want you to know about? If that sounds like a lot of overblown… More 

I’ve written before about how one of the big trends in the technology world this year is going to be foldable phones. Now, you might not care that much about a foldable phone, but the reality here is that today’s smartphones are just computers, albeit ones that can also make phone calls. For many folks,… More