For at least once during your life in cyberspace, you must have been stopped from signing up for something because your password wasn’t strong enough. We’ve all been there. But that doesn’t mean you should just be stuck with the same password for the rest of your life. (That is highly discouraged.) Here are four tips that can help boost your password strength:
1. Never use common or sequential passwords:
“ABCDE”, “Qwerty”, “123456789”, “123123” and the like are among the most unsafe passwords. Additionally, passwords like “password” or those that contain personal information (like your date of birth) are unacceptable passwords as well, because these are the first things a hacker will try.
2. Make it long:
It is highly recommended that passwords are between 12-15 characters in length, at minimum. It is also best to throw in numbers, uppercase letters, lowercase letters, and symbols for a stronger password.
3. Create a password out of a sentence:
Take this sentence for example: “I used to deposit Php 100 weekly at BBB Bank.” Using the first character and symbols available, the password could be something like: IutdP100waBBBB. It will take some time to crack a password like that.
4. Go beyond the conventional or the obvious:
It might seem silly, but stringing random words together may save your account from a possible hacking. Foreign words, historical figures, characters, or places will strengthen your password by a great deal. After all, who can easily guess a password like “JakartaPicketQuidditchAlohaCherry”
Other measures you can take (in case buffing your passwords isn’t enough) would be to enable two-factor authentication (TFA). Aside from asking for your password, TFA creates an extra layer of safety by asking for another input from you – such as texting you a One-Time PIN (OTP) number and asking you to input it before you log-in.
You can also check the “login activity” of your accounts to see if there was any unusual log-ins that supposedly came from you. Twitter, for example, emails you when they receive a log-in alert from a device the account doesn’t use often. Google also has My Google Activity that allows you to retrace what you have browsed using your Google account.
This article is part of the Banker’s Association of the Philippines’ (BAP) #CyberSafe campaign, where the BAP aims to promote awareness towards cybersecurity. As part of the campaign, new posts will be uploaded every Wednesday and Sunday, tackling common web security questions and issues.
For more content on cybersecurity, visit the BAP Official YouTube channel.