Cloud Hosting

Many arbitrary holidays litter our calendars (ahem, Tin Can Day), but World Password Day is one fully supported by the PCWorld staff. Were all for ditching weak passwords especially when strengthening your security takes only a little effort.

Follow these four easy suggestions and youll thank yourself for years to come. Not only will data breaches and hackers stop being immediate threats, but you wont have to scramble to remember a collection of user name and passwords. Thats especially true if you opt for a newer form of account protection thats simpler to use than passwords.

Trust us, you want to safeguard yourself. Data breaches are common these days, and as Bitwardens latest survey results indicate, a concerning number of people still reuse passwords (31 percent in the U.S. do so for 11 to 20+ sites!). And with so many data leaks, its getting easier and easier for hackers to not just know your passwords, but figure out the personal info you might use in a password another prevailing bad habit (42 percent in the U.S.). Yikes.

Password managers make better account security so easy. You only have to memorize one strong password to safeguard nearly all your other login info. (Heres how to come up with a good master password.)

You shouldnt have an issue finding a password manager that suits you, either its perfectly normal to have reservations about them, but there are so many options out there. Want something that integrates seamlessly with your phone or browser? Google, Apple, and Firefoxs password managers are basic but solid. Hate the idea of all your passwords sitting in the cloud? Try KeePass or one of its variants. Need support for advanced two-factor authentication methods, like a YubiKey? Many paid services include it. Password managers now also generally support passkeys, a simpler yet more secure method of account protection.

Paying for a good solution isnt always necessary either, as youll see when going over our lists of the best paid password managers and the best free password managers. The kinds of features that unlock when paying for services are helpful indeed, especially if youre using multiple devices or want to secure passwords for multiple people, but theyre not absolutely vital otherwise. That said, our go-to solution Dashlane makes managing passwords dead simple and only costs $33 per year, or $2.75 per month. Its money well spent for the added security (and the extra polish).

And dont worry if you try one service and dont like it. Exporting and importing password databases is simple.

Companies like Terahash can combine several hundred GPUs to crack short passwordsinstantly. This chart shows how longer passwords can make the process impossibly long, even with such computing power on hand.

Companies like Terahash can combine several hundred GPUs to crack short passwordsinstantly. This chart shows how longer passwords can make the process impossibly long, even with such computing power on hand.

Terahash / Twitter

Companies like Terahash can combine several hundred GPUs to crack short passwordsinstantly. This chart shows how longer passwords can make the process impossibly long, even with such computing power on hand.

Terahash / Twitter

Terahash / Twitter

Even websites that barely register in your memory deserve a strong, unique password. If youve left behind traces of personal information or financial information, like stored credit card info unauthorized access to your account could lead to future headaches.

Normally, remembering a strong, random, and unique password for every place you visit on the internet would be a pain in the rear. Everything requires a login these days. But with a password manager (which of course youve just set up!), you no longer have that responsibility. So long as you have the browser extension (or app installed on your phone), you can let it choose a password for you. Just tell it how many characters in length and what mix of them. (Security experts currently recommend 24 characters in length, randomly generated with numbers, letters, and special characters; you can also opt for a similarly long passphrase for things you need to manually type.) The fun part is that because you dont have to memorize each password yourself, long and complex strings arent a hassle.

If you want to really level up your login security, you can also use strong, unique user names, too. With a password manager tracking everything, being randominternetuser13960 on one site, ithurtstomove4582 on another, and pizzacoma2259 on a third is a cinch. Have to use an email address for your login? Gmail and some other email providers let you create aliases by adding a plus sign (+) and phrase after your account name. So for example, you could use emailaddress+likesbooks@gmail.com to distinguish that particular site. Or better yet, you can wholesale upgrade to email masks for true anonymity.

Apple

Apple

Apple

We hate to say it, but these days, strong passwords alone arent enough to ward off threats. Data breaches happen, and so do moments of being caught off-guard by phishing attempts.

Two-factor authentication adds another layer to your login process. Instead of having immediate access to your account upon entering your user name and password, youll have to pass another security check before access is granted. (You can read more about how 2FA works in our explainer, which also gives more details on the common forms available.)

Like using a password manager, two-factor authentication doesnt have to be a cumbersome addition to your login process. Apps like Authy, Aegis, and Ravio make accessing your 2FA codes on multiple devices simple, and support easy security measures like biometric authentication to protect those codes from prying eyes.

We of course recommend enabling two-factor authentication on as many accounts as possible, but at minimum, do it for major accounts like email and financial services places with info that could wreak havoc on your life if someone else got unauthorized access. Also consider protecting your Amazon, social media, Steam, and work accounts (and their info ripe for use in social engineering) in this way, too.

For sites that dont have two-factor authentication which sadly includes a large number of e-commerce sites you can help limit damage from unauthorized account access by not leaving your credit card information and address on file.

Google

Google

Google

This newer form of account authentication has been spreading steadily since last year, and just in time, too. Passkeys cut out a lot of the hassle of using passwords while also providing strong security out the gate a quality of life upgrade sorely needed as online security gets more complex.

You just need a device like a phone, tablet, or even your PC to serve as an authenticator. Itll be registered to your account when you generate the passkey. Afterward, youll get prompts on the device to authorize logins, which youll approve using face identification, a fingerprint, or a PIN. Its incredibly simple, and more importantly, passkeys are more resistant to the current effects of data breaches. Because they are an asymmetrical form of encryption, a hacker cant guess at your passkey based on the compromised websites encrypted login data. Only you have the other part of the puzzle, and its a different kind of piece than the part saved to your website account.

You can also use a password manager to store passkeys, though theyre currently a bit less secure than using a physical device.

You can read more about passkeys in our coverage of Googles recent launch of passkey support for its accounts (as well as in Googles own excellent overview of the topic), but basically, this is the cutting-edge of online security. A passkey eliminates the hassles of passwords, along with the pressing need for two-factor authentication, and should make protecting your accounts much easier. Good websites support both passwords and passkeys so you can still have a password + 2FA combo as an alternate method to login (just in case you lose your device with stored passkeys), but use your passkey day-to-day with less hassle.

All set up with your password manager and two-factor authentication, and feeling primed to go even further? Learning more of the ins and outs of your password manager will help integrate it into your life even more seamlessly. Installing your services companion smartphone app and browser extension is just a starting point check out our guide on how to make most of your password manager for more tips. You can also have a look at our story about 5 easy tasks that supercharge your security. If youve followed this articles advice, youre already more than halfway there!

Here is the original post:
4 fast, easy ways to strengthen your security on World Password Day - PCWorld