Home / Free Resources / Miscellaneous / Password Security – Best Practices

Password Security – Best Practices

By Amelia Eguchi-Wale |

May 11, 2018

World Password Day may have been and gone, but it’s important to stay secure all year round.

How many times a day do you use a password? In a study carried out by Digital Guardian in 2017, which surveyed 1,000 internet users, 70% of respondents had more than 10 password-protected accounts. Logging in to multiple accounts daily means it can be easy to forget the importance of passwords, and password security. They not only help our lives stay as private but also protect us from hackers, cyber fraud, identity theft and other potential threats.

However, not all of us are using passwords securely. According to the Data Breach Investigations Report 2018, there have been over 53,000 security incidents in the last 12 months, and 2,216 confirmed breaches. This is where World Password Day comes in. The annual event, which takes place on the first Thursday of every May, aims to minimize these numbers by raising awareness for staying secure online.

So, where are we going wrong?

Recently, Twitter asked users to “consider changing (their) password on all services” after identifying and fixing a bug that stored passwords unmasked in an internal log. This incident highlights the risk of using the same password across various accounts. Once a fraudster has one of your passwords they have a better chance of accessing all your other logins. Digital Guardian’s survey found that 11% of internet users repurpose the same password across all protected accounts, while only 40% vary them. Not only are users recycling passwords, but those that have more than one may experience trouble remembering them. This encourages risky behavior such as writing down passwords on paper.

Twitter emailed users to encourage them to change passwords on all services.

What are the best practices for password security?

Here are our top tips:

1) Make sure your password is hard to crack (by a computer!)

Advancing computing power means shorter passwords are easier to crack, even if they are brimming with symbols and numbers. Choose a longer but memorable password using compound words.

2) Ensure you have two-factor identification enabled where possible

Create an extra barrier against potential fraudsters by adding validation to the login process. This is especially promoted by World Password Day, who encourage internet users to #LayerUp with multi-factor authentication.

3) Use a password manager to securely save your passwords and speed up your logins

Store multiple, lengthy and unique passwords without having to remember them all. That way, when an organization like Twitter tells you to change your password, you won’t have to change it across 20+ websites. Some password managers have the option to autofill fields and log you in automatically, saving a huge amount of time.

4) Don’t ignore updates on your devices

Updates often include security fixes to protect you. Try to keep your operating systems and applications up to date.