En español | It used to be easy to create hard-to-crack passwords: You just used at least eight characters you could remember, combining upper- and lowercase letters, numbers and symbols such as @, & and >.
But in recent years, hundreds of millions of user passwords have been stolen in cyberattacks on banks and other institutions, giving hackers broader insight into how and why folks choose the passwords they do.
See also: Protect your parents from scams
Password-cracking technology has improved as well. So now's the time to up your game. What hasn't changed are the password "don'ts."
- Don't reuse the same password across multiple sites; recycling is especially dangerous for email, banking and social media accounts.
- Don't use the following in passwords or answers to website security questions: loved ones' names (pets included), hometowns, wedding dates or anything else that can be gleaned with some online research.
- Don't save passwords or use "remember me" options on a public computer. The next user can access your account.
- Don't reemploy previous passwords, even if you haven't used them in years.
- Never use the most common and easily hacked choices such as "123456," "qwerty" or "password."
- Don't leave your smartphone unprotected by a password, as 2 in 3 users do. Pick a code that isn't something obvious, such as your birth date or birth year. Also avoid common passwords such as 1234, 0000, 2580 (a top-to-bottom sequence) and 5683 (which spells "love").
Here are four strategies for keeping your data secure.
1. Longer is stronger
Many security experts now recommend a minimum of 15 characters, combining letters, numbers and symbols. More characters are necessary because these days a five-character password using these combinations can be cracked in a mere five seconds.
Next page: Your phrase maze is really unbreakable. »