Harder Better Faster Stronger Passwords

08 November, 2024

Your digital presence leaves data that can be used in various ways against you – from annoying phone calls to identity theft and other serious crimes. Luckily, you hold the key to keeping it locked and safe – your credentials that allow you to prevent cyber criminals from gaining access to your information. Below you will find tips on how to ensure your password is always better than the hacker trying to obtain it.

Use a password manager

“I want to keep my accounts safe, but how can I remember 20-character long and complex passwords all the time?” The answer – password manager. Not only does it store your passwords, it also offers to generate a random scramble of letters and words to make THAT your password. And the beauty of it all? You just have to remember one master password to unlock your password manager. That’s it! When choosing which password manager is right for you, consider their additional functionalities, which would allow you to merge some of your needs into one. Multiple password managers offer 2-factor authentication, gives feedback on your password strength or offers shared vaults for multiple team members to have access to specific credentials.

Long and confusing passwords are safer

Did you know that if you have a password of 5 symbols with random letters and numbers, a hacker can decipher it in mere seconds? If you prolong it to 8 characters, the hacker will get stuck between 15 minutes and a couple of hours. That being said, if your password is 16 characters or longer, it is estimated that the hacker will not decipher your password – even in a billion years.

When making your password, consider using a variety of upper case and lower case letters, numbers and symbols to make the password more complex.

Use passphrases instead of passwords

Passphrases are a great way to improve your credential security. Here are a couple of tips:

  • Instead of using a popular saying, ex: venividivici, use a phrase that speaks only to you, ex: apineappleisnotanorange.
  • Randomize special characters, numbers and upper-lower case letters, ex: aP1n3@pp!3!5n0+@n0R@ng3.
  • Make your passphrase unique to each account. To make it easier for yourself, select a not-so-obvious way to tie the product with your password. For example: an Apple ID password can be aP1n3@pp!3!5n0+@n0R@ng3.

Make sure to enable multi-factor authentication

Multi-factor authentication (MFA) creates additional layers of encryption, making it that much more difficult for access your account. Even if the hacker would be able to break your password, by-passing MFA can become a close to impossible task. For those reasons, Guru Pay has enabled SMS authentication on your account as a default setting. As for other accounts, make sure to visit security settings in your other accounts to see if they offer multi-factor authentication.

Keep your credentials private

While it seems self-explanatory, there are multiple situations when you might gravitate towards sharing your password with someone else out of convenience. That being said, if multiple people share credentials and something goes astray, it can become a close to impossible task to trace back the perpetrator.

Should you have an account that requires multiple people to sign in, Guru Pay suggests adding additional users, who will have their own separate login credentials.

Be mindful of phishing attacks

Phishing is a type of cyber attack with the purpose of obtaining your credentials by pretending to come from a point of authority. The purpose of these attacks is to get you to give up your credentials and access your online information. To keep yourself safe from phishing, here are a few tips:

  • Always double-check the sender, noticing if the spelling and domain name are coming from a legitimate source.
  • Monitor for grammar or logical mistakes in the email.
  • Be mindful that most legitimate services will never ask for your personal information via email and will opt for a phone call or other types of verification. If the email requests that information, verify it through an alternative communication channel with the company mentioned.
  • When in doubt, never click fast links – hover your mouse above the link instead to reveal where it leads to.