Passwords often get a bad rap, and for good reason. Left to our own devices, most of us will make passwords that are easy for us to use and remember. But we’re notoriously bad at creating good passwords, so inevitably we open ourselves up to security issues. Plus, passwords are dependent on the encryption used to secure them, and the practices online services put into place to protect them. Not to mention that passwords are a hassle to remember, and even more of a hassle to reset when you forget them.
But while we’re stuck with them, passwords do serve an important purpose. They are often the only gatekeeper between the rest of the web and our personal information. That means that for as long as we need to use passwords, it’s in our best interest to treat them with care and make sure they’re working hard to protect us.
Whether you’re new to password security or a seasoned pro, everyone can benefit by following these essential tips for improving your first line of defense online.
Think “unique”
Everyone knows you should have a long password, and that it should be a mix of characters like numbers, symbols, and upper and lowercase letters. But using a unique password is arguably even more important.
Every single online account you have should have its own password. We often think that once we create one good password, we can just use that one password everywhere. After all, that’s much easier to remember.
The danger with that approach is that as soon as one site has a security issue - and let’s be honest, it’s only a matter of time before one does these days - it‘s very easy for hackers to try the same username and password combination on other websites. Countless websites have had to force password resets for their users over the last several months because of massive coordinated attacks using leaked passwords from other breaches.
It’s no longer good enough to have a strong password. Using a unique password everywhere is the only way to reduce your risk of breach.
Go for passphrases, not just passwords
When you do need to create a password, “passphrases” are a simple way to make a strong one. The key with a passphrase is to string together words or phrases to create one long phrase that’s easy for you to remember, but pretty hard for anyone else to guess or crack. Then you can add in a few random symbols and characters to increase the strength further.
Here’s an example: mydogfido’sbirthdayisnovember19
A passphrase is the best of both worlds: It’s easier to remember because it’s a phrase you can repeat and commit to memory, but it’s also very strong by virtue of its length and mix of characters. Using a passphrase is a simpler way to create a super strong password.
Boost passwords with Two-Factor Authentication
Two is always stronger than one. Whenever possible, turn on two-factor authentication with your accounts; many websites now offer this option for added security.
Two-factor authentication simply means adding another login step when you’re signing into an account. It combines something you know (your password) with something you have (your phone) or something you are (your fingerprint), or even somewhere you are (your location). It could be texting a one-time code to your phone, or using an app like LastPass Authenticator that lets you approve a new login.
The benefit with two-factor authentication is that, should your password somehow be compromised - perhaps in a phishing attack - the attacker still won’t be able to get into your account without the two-factor authentication information.
Add a password manager to your toolbox
The reality is, it’s really hard to practice good password habits without something to help you remember, organize, and create passwords. That’s where a password manager is so valuable. A password manager like LastPass helps you centralize your passwords in one secure place, and keeps your passwords synced where you need them.
But to really get the most out of your password manager, you need to use it to create unique passwords for every single online account. The password generator makes it easy to create a new password whenever you need one, and the LastPass Security Challenge helps you identify old, weak, or reused passwords that still need to be changed. Once you get set up with your password manager, it’s critical to take the next step and update every single password to a better one.
For as long as we continue to use them, passwords are an important part of staying secure online. By following these tips, you’ll make sure your passwords are working hard for you and doing everything possible to protect your personal information. 
