The best passwords are easy to remember, hard to break, and changed regularly. This can be a problem; if a password is too difficult to remember – meaning it meets complexity requirements and is long enough to withstand attempts to crack it – it will likely wind up on a note in your desk drawer or taped to your monitor.
Arguably, the best advice comes from someone who understands how passwords are cracked; both are explained here. Once you have a password, you can check how strong it is: this one works through your browser, so you don't need to upload your sensitive information anywhere. If it's good, use it and remember to change it (it's not as bad as it sounds).
We hear about high-profile breaches; if you are affected by one of these, the parties responsible for keeping your information safe will eventually contact you and let you know what you can do about it.
But it has been reported that nearly a billion compromised email accounts are published online. If you wonder whether yours is among them, head to ';--have i been pwned? and enter an email address. If you find yours, change your password for every account that uses that email address or password. You can also check whether one of your passwords has been compromised and sign up for notifications in the event that a future breach or 'sensitive' data dump exposes your information.
The average person has about 25 online accounts and most people recycle their passwords. If you are among them, a single breach could affect all accounts using a common email address/username or password. It doesn't matter how strong a password happens to be; if it's already online you can never use it safely.
Our brains can only hold so much. In this survey, 72% of the 263 participants had difficulty remembering their passwords. The result, as we already know, is that we reuse and write down passwords. There are techniques for remembering passwords, but we can expect to need even more passwords in the coming years.
REMC1 is always looking at security; you've probably heard us mention 2-factor authentication and password managers.
Reputable password managers are available for your phone as well as your computer. Bitwarden is free and promises to always be free.
LastPass offers a way to verify password strength; however, recent changes allow you to use it for free only on either mobile devices or desktop machines, not both.
2-Step Verification provides an additional layer of security in case your password is compromised. REMC1 highly recommends that staff, especially administrative and administrative assistant staff, utilize this feature for their Google Account. Learn more about this at the Google Account Help Section on Setting up 2-Step Verification, our wiki page, or our video tutorial.
REMC staff is happy to answer any questions you have on potential spoofing, viruses, malware, and security.