There’s a lot of advice offered on what to do to create strong passwords. Knowing what not to do is just as important. In a recent article for FINRA.org, Kaitlyn Kieran offers password protection tips on what to avoid. Here’s a summary of three critical things to avoid.
- Steer clear of passwords containing easily-found information. A strong password does not contain elements found in your social media accounts. “If you constantly post about your dog, Fluffy, don’t make your password Fluffy_Lv3r,” Kiernan stresses. Also consider context. While H@rRy*P0tt3r is generally a strong password (because it includes a good mix of upper- and lower-case letters, characters and numbers), it’s a terrible password if you’re a member of a Harry Potter fan club or post quizzes to your page like, “What Hogwarts house would you be sorted into?”
- Avoid using the same password for multiple accounts. “You might think a security breach at, say, LinkedIn doesn’t matter – they have your resume, so what?” Kieran writes. “But if you use the same password, or even a similar one, for LinkedIn as you do for your bank account or Facebook or any number of other applications, a hacker can soon find a way to wreak havoc in your financial and personal life.”
- Pass on the option to link accounts. When you are new to a website and it says you can create a new account or log in using your Facebook, Google or email account, create the new account instead. While linking accounts is quick and easy, that convenience comes at cost. Linked accounts often share private data (whether you realize it or not), which can make identity theft easier. And, allowing one account to have access to others means that if the least secure account is hacked, the rest could also be compromised.