Creating strong passwords is the first step toward security, and one of the most important ones, especially online. But no matter how strong the password is, if someone steals it, they can use it just as easily as the “123456” one. That’s the main obstacle, particularly with a need to remember tens of passwords. Consequently, users either choose extremely simple passwords or decide to let their browser save them. While this is convenient, it’s not an ideal method of safeguarding your passwords. Instead, let us show you how to keep passwords safe the right way.
Why is it important to keep passwords safe?
In this day and age, the importance of passwords and their safety is self-explanatory. We have integrated with the digital age, and it has more or less become a part of our daily lives. Thus, when it comes to protecting information pertaining to our digital lives, we have to rely on passwords, making them the first line of defense against any possible intrusion.
Strong passwords are essential for protecting our personal information, so they have to be kept safe. Furthermore, passwords not only protect our digital identity but also our financial safety. And as we progress further and embrace more of the digital age, the importance of a password is only going to rise.
It is also important to keep passwords safe because any alternative will have severe consequences. A study by GetAstra found that almost 44% of the people on the internet never change their passwords. These people are at risk, especially when we look at the data from 2021, where almost half of all the data breaches were due to mismanagement of passwords and stolen credentials.
What not to do when creating a password
These are the things you should avoid when creating a password:
- Never use a short password. The shorter they are, the easier it will be to brute-force them.
- Never store your password in a place where it can be easily found. As a rule, avoid anything digital or online. Do not write it down on a sticky note and leave it on your desk. Instead, find a notebook and note it down.
- Do not use the same password for a long period of time.
- Do not use something that is easy to guess as a password.
- Avoid using any sort of personal information, such as a nickname, date of birth and so on, as a password.
- Never use the same password for multiple sites.
What are the ways to keep passwords safe?
The simplest way to keep your passwords safe is to never reveal them to anyone. This is the most basic thing you can do to protect your passwords. But there is more. The following are the best ways to keep your passwords safe:
1. Keeping passwords safe by writing or printing
Our first piece of advice is probably the simplest to adopt, but the hardest to practice daily with a lot of accounts. Instead of saving all of your passwords in a browser or a Notepad file on your desktop, put pen to paper and write them down. Where you jot them down is up to you – there are cheap notebooks you can hide afterward or advanced diaries/journals that come with a lock and key.
Alternatively, you can print the passwords. Then, if you’re concerned that someone will discover it, make a false bottom in one of the drawers, purchase a lockbox, or carve out an old book. Use your imagination!
2. Keep passwords safe by protecting the devices you use
If you’re not a fan of writing down all the passwords physically, but also don’t want to resort to any other methods, this one is for you. If you’re going to save all of your passwords in a browser, make sure the devices you access that browser on are safeguarded.
By this, we mean setting a PIN or password, or using fingerprint or facial recognition. You can also install utilities that let you put another password on specific software or apps that you are especially worried about.
3. Use a password manager browser extension
Now for the most popular method of keeping passwords safe, using a browser extension for their management. There are many free products of this kind, and they all require you to select only one master password. Entering it unlocks a database of passwords for everything else, including things such as PINs, bank account numbers, credit card numbers, and other types of sensitive information.
Best of all, the passwords are auto-filled (after your confirmation), rendering keyloggers and some types of malware ineffective. You can also generate an extremely complex master password and will get regular reminders to change it.
4. Utilize a password management software
The biggest downside of browser extensions is the limit on what they can offer, strong encryption for example. This obstacle doesn’t exist with password management software. You can take advantage of 256-bit AES encryption, which is used by the USA’s National Security Agency (NSA) to protect top-secret intelligence.
Additionally, most such software is free and open-source, so you know exactly what it does. Plus, it offers the possibility of creating multiple master keys, which is great for a business. Other software for managing passwords is integrated into the operating system, such as Apple’s iCloud Keychain, which is secure, user-friendly, and convenient.
5. Keep passwords safe with a dongle
There are many different dongles on the market, commonly known as “USB password keepers”. That name is not entirely accurate, since, besides USB 2.0/3.0/3.1, USB-C, or USB-A, many use NFC, making them compatible with a plethora of devices. Even better, they generate passwords automatically, using long and complex keys – think 128-bit or 256-bit. What’s more, the USB keeper doesn’t share passwords with the computer until the user clicks a dedicated utility or presses a physical button on the dongle.
6. Secure passwords with a separate volume
Although usable by just about anyone, this way to keep passwords safe is best suited for extremely privacy-conscious people. This includes undercover officers, spies, journalists in censorship-heavy countries, and anyone in danger of getting caught with risky information. You’ll see what we mean.
Creating a virtual volume on your storage drive (or external drive) comes with the advantages of password management software. Plus, you can store other sensitive information alongside the passwords and can mount and dismount the volume at will. A great example of this is VeraCrypt, open-source software with on-the-fly encryption (OTFE).
You can also create multiple master keys to unlock and mount the volume. Moreover, you can even create a fake encrypted container. You heard that right, you can create a special master key that unlocks a fake volume with planted data. This can save you even if they catch you red-handed. The downside is that it won’t auto-fill passwords – you’ll have to copy or type them manually.
If you don’t trust software, opt for a master password-protected USB drive. They come in small sizes, use an open-source, multi-language firmware, and require no software to work. They also block auto-run actions and have anti-malware security measures. Best of all, the volume gets automatically locked when it loses power and is wiped if the wrong password is entered too many times, usually 3.
7. Protecting passwords with a secure computer
The ultimate way to safeguard passwords is via a secure computer. While you can modify your own, it might be best to purchase a pre-configured one. These usually come in the form of portable mini-PCs and can be stored just about anywhere. Secure computers use open-source BIOS to prevent software intrusion, as well as physical tamper protection.
Furthermore, they run on open-source firmware (operating system), ensuring no backdoors or data leaks. And, besides encrypting your e-mails and ensuring safe transfer via SSH (Secure Shell), they act like virtual volumes. To clarify, their drives use OTFE and can create multiple master keys and decoy encrypted disks.
Secure computers can generate one-time passwords and store static passwords for all your accounts locally. Best of all, they act as U2F (Universal 2nd Factor) and 2FA (2-factor authentication), thus amping up your device security (method 2) significantly.
Tips for creating a strong password
You can heed the following tips for creating a strong password:
- Never use a common password.
- Use 2FA or MFA alongside a traditional password to ensure better security.
- Always try to create longer passwords—at least 12 characters long.
- Try to use at least one lowercase, one uppercase, one number, and one special character in your password.
- You can always use a reputed password manager.
- Use a password generator for a much more secure password.
- Always use different passwords for different purposes.
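The tips above expressed as code, added here as an example and not part of the original article: it draws a password from the operating system's secure random source and checks any candidate against the length, character-class, common-password and personal-information rules. The special-character set, the five-entry deny-list and the function names are assumptions made for illustration.

```python
import math
import secrets
import string

# Character classes named in the tips above; the special set is an assumption.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, "!@#$%^&*()-_=+[]{};:,.?")
CLASS_NAMES = ("lowercase", "uppercase", "digit", "special")
ALPHABET = "".join(CLASSES)
MIN_LENGTH = 12  # minimum length recommended in the tips

# Constructed sample deny-list; a real one would hold many thousands of entries.
COMMON = {"123456", "password", "qwerty", "letmein", "111111"}


def policy_failures(password, personal=()):
    """Return the tips the password violates (an empty list means it passes)."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("too short")
    if password.lower() in COMMON:
        failures.append("common password")
    for name, chars in zip(CLASS_NAMES, CLASSES):
        if not any(c in chars for c in password):
            failures.append(f"missing {name}")
    # Nicknames, birth years and similar must not appear anywhere in the password.
    if any(item and item.lower() in password.lower() for item in personal):
        failures.append("contains personal information")
    return failures


def generate_password(length=16):
    """Draw from the OS CSPRNG, retrying until every character class is present."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not policy_failures(candidate):
            return candidate


def entropy_bits(length):
    """Upper bound on the entropy of a uniformly random password of this length."""
    return length * math.log2(len(ALPHABET))
```

Generate a separate password for each account; the retry loop discards only the rare candidates that miss a character class.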
Keep in mind that just creating a strong password will not be enough.
You shouldn’t store your passwords here:
When it comes to keeping a password safe and secure, there are certainly places one should avoid. If you do not store your password in certain locations, you are already increasing its safety. These places are:
- Sticky Notes: Never write down your password on a sticky note and then leave it out on the desk for anyone to see.
- Journal: We see the appeal of writing passwords in a journal, as we consider journals very personal and thus relatively safe. But it is also the first place anyone looking for your password will try.
- Unencrypted files: Many people simply open a doc file and save their passwords there. Many even save them in their emails. But we never recommend saving or writing down your password on an unencrypted file.
- With the browser: When Google asks you if you want it to remember your password, you often select yes for convenience. Don’t do that, as in the case of a data breach, your passwords might be exposed.
Comparing Top Password Managers
When it comes to password security or keeping them safe, we tend to rely on password managers. However, not all password managers are created equal. Here, we are comparing the top 3 such applications:
| | | | |
|---|---|---|---|
| Platform supported | Windows, Mac, iOS, Android | Windows, Mac, iOS, Android | Windows, Mac, iOS, Android |
| Security | AES 256-bit encryption | Zero-knowledge Encryption | Secure Vault, encryption, and 2FA |
| Pricing | $3.00 per month | $3.33 per month | $2.99 per month |