Security has found its way into so many areas of our lives that we’re using passwords every day. Many companies are fortunate to have teams dedicated to supporting information security, allowing most employees to go about the workday with little regard to details aside from creating passwords. Through our enterprise-scale information security reviews with clients, we understand the value in having dedicated teams for this important piece of operations.
We’ve been inspired by these findings to engage in more documentation and exploration of security measures. While we rely on some of the trusted leaders in areas like data storage and communications, we pair those security measures with best practices that we take on at an individual level.
If you’d like to expand the security you have in your work life to your personal life, read on for simple steps you can take to make your personal life more secure.
Password Creation Best Practices
The first step you can take in personal digital security is creating and maintaining solid passwords. The National Institute of Standards and Technology (NIST) released new digital identity guidelines in 2017 that flipped the script on what’s recommended for digital passwords.
Change Your Password Less Often
You’re no longer expected to change your password as often. This means less of a struggle trying to remember which password you’re using at any given time. One of the biggest deterrents for creating new, secure passwords is the inability to remember the unique set of letters, numbers, and special characters you’ve used to craft it. This also leads to people reusing passwords. Changing just one letter or number to satisfy password requirements is an easy solution but makes you vulnerable to security breaches.
Passphrases Instead of Passwords
You’re no longer expected to use that confusing mix of letters, numbers, and special characters. Instead, try using strings of common words, which are harder to decipher through common hacking techniques (as illustrated by this popular webcomic). Thinking of these as passphrases instead of passwords can be helpful in moving away from passwords so unique they’re no longer memorable.
Use Multifactor Authentication
It’s recommended that you use multifactor authentication (also known as two-factor authentication or 2FA). The first factor is the password you’ve created for an account. The second factor adds another layer of security by requesting a second method of identification, which is typically another unique code generated for the purpose of authentication and shown within a special application such as Authy, or sent through email or text. The app-generated approach is generally the most secure one.
Password Creation and Management Tools
If you’d like to go one step further with your personal digital security, you can sign up for one of the many password management tools available. The number of options can be overwhelming, so we’ve done some research that might help in the decision-making process.
Cloudberrian’s tool of choice, 1Password stores all of your unique passwords in a vault, and you only need to remember your one master password to gain access to the vault. The tool also features a password generator if you’re tired of coming up with secure passwords on your own. In addition to the user-friendly interface, we also love the password sharing feature and Watchtower alerts for any security breaches to sites that your stored passwords are tied to.
1Password provides options to store passwords either in the secure cloud storage, or locally, so you can choose which type of security you’re looking for.
Dashlane is another widely used password management tool, and its set of specialized features accounts for some of the draw. Dashlane generates a security score for users, showing them how strong their passwords really are. If you’ve got a number of weak passwords, the bulk password changer makes it easy to change multiple passwords at once. It’s also one of the tools that works with app passwords, but only with apps that support Dashlane’s extension. The tool can also capture receipts for online shopping.
Despite some of its fun features, Dashlane only offers two-factor authentication with their paid accounts. If you’re looking for a free account with the highest level of security, you may want to look elsewhere.
LastPass is also a popular tool, offering password importing, fingerprint authentication for mobile devices, and a security scorecard. If your passwords are weak, you can use the password generator, found on both desktop and mobile. The desktop password generator has more sophisticated functionality, providing options to create a password that is easy to say, easy to read, or includes the letter-number-special character combination.
While its feature set might be flashy, LastPass has appeared in the media for a number of security vulnerabilities in the last few years. Though they respond to issues quickly, it’s worth knowing the risk of security compromises.
Regardless of whether you choose to use any of the tools above, it’s a great idea to put some of the same security practices used in the workplace into use at home. The more precautions we take, the less likely are the chances that our personal information will be at risk.