Are Your Passwords Strong Enough?

Want to practice good cyber security habits? Using a password manager is just the first step. To actually get the most out of your password manager, you need to strengthen your passwords. But what exactly is a strong password? How does a strong password protect you online? And how can you use your password manager to make sure every password is as strong as possible?

Why strong passwords matter

Most people assume that a hacker wouldn’t want to steal their information. “I don’t have anything worth stealing!” they assume. And so, many people use weak, easy-to-guess passwords. Creating a memorable password seems far more important than trying to keep out a hacker that won’t bother them anyway. Unfortunately, hackers love lazy passwords. Thanks to massive data breaches (think Yahoo!, Quora, MyFitnessPal, and many, many more), huge lists of usernames and passwords (sometimes plain text, sometimes hashed) have been leaked and sold online. With the help of password-cracking programs and ever-increasing computing power, it’s pretty easy for hackers to guess weak passwords, even if they’re encrypted or hashed. Then, hackers attempt to log in to popular services with those email and username combinations – like bank accounts and email. And the damage escalates from there. In short, weak passwords make you an easy target for hackers. On the other hand, strong passwords are one of the best defenses against unauthorized access to your accounts. When your passwords are too hard to guess or crack, hackers will move on to other easy targets.

Creating a strong password

You may be thinking: “Okay, I need better passwords. How do I create a strong password?” A strong password is:

• Long: At least 16 characters
• Unique: Every online account should have its own password
• Imaginary: Don’t use a word straight out of the dictionary, or a common phrase
• Mixed: Sprinkle in a few capital, lowercase, numbers, and symbols

A password generator, of course, can quickly create a randomized, unique password for every single account. LastPass has a built-in password generator that you can use any time you are signing up for a new account or updating the password for an existing account. And because LastPass remembers those complicated passwords for you, you don’t ever have to worry about forgetting your strong passwords. But what about your master password to log in to LastPass? One of the best ways to create a strong password that is also memorable is to make a “passphrase”. A “passphrase” is a long sentence or series of words. It’s typically something random, but that has personal meaning to you, like: “iwanttohikeinbanffsomeday”. Now, just sprinkle in a few additional characters and you’ll have an even stronger passphrase: “iwant2hikeinBanff!s0meday”.

Checking the strength of your password

The LastPass Security Dashboard gives you an easy way to review the strength of your passwords. When you launch the Security Dashboard, you’ll be able to view your overall Security Score. From there, you can take a closer look at the accounts that have weak or reused passwords, as well as passwords that have been affected by known data breaches. With the information provided in the Security Dashboard, you can then start updating your accounts with new passwords. The password generator will help create strong passwords to better protect all of your accounts. As you update your passwords with generated ones, your Security Score will also continue to improve! With LastPass, you only have to worry about creating and remembering one strong password – your master password – while LastPass does the rest. Every online account can have a unique, generated password that is long and complex. By protecting every account with a strong password, you’ll significantly reduce the risk of a hacked account and better protect yourself online.