Your password is "Password"
Amazingly, “password” always ends up in a top spot of the most popular passwords, according to hackers who stole millions of them.
Also popular: “123456” and its neighbour “12345678,” “welcome,” “letmein,” and “jesus.”
You didn't check its strength first
You use the same password for everything
Well, someone got into your email and saw your Facebook post responses and an account statement from your bank.
But hey, at least yourbank.com login info is different, right? … Right?
Your security question is obvious
Sites will often ask you to provide a security question and answer for use when you forget your password.
Try for something complex or personal so nefarious types can’t figure out the answer with a simple Google search—McAfee suggests a question like, “How was your first kiss?” with a quirky answer only you would think of (“Rocked it like a hurricane!”).
You use a common phrase
Just like you don’t want an obvious answer to a security question, you don’t want your password to contain a word or phrase that’s meaningful to you, like your sister’s name or your hometown.
These are too easy to guess (and can simply be found online).
Try incorporating “opposite” words, like your least favourite colour or the site of your least favourite holiday.
You didn't use the space bar
Many sites and programs don’t actually allow you to use a space in your password, which is exactly why it’s valuable to do so when you can.
Anyone trying to guess at your password may not even think to tap on the space bar.
You didn't use a mnemonic device
Lifehacker suggests using the Person-Action-Object (PAO) method to create an unbreakable password.
Visualise a famous person doing a random act with a random object (say, Abraham Lincoln surfing with a gallon of milk).
Now combine parts of that phrase to make a new word, like AbeLiSurfilk.
Not only do you have a word that’s too random for any hacker to crack, but you’ll be the only person it makes sense to.
Plus, our brains remember data better with visual cues (and especially with weird ones), so memorising it will be a cinch.
It's not long enough
Security experts say your password should be 12-14 characters long if possible.
Similar to the use of spaces, many services don’t allow such length, which can provide a security boost.
You don't use two-factor authentication
Here it is, the Big Bertha of security tips.
Every time you log into a website or email client, you type the same ol’ string of characters—not exactly hacker-proof, especially if you use the same password across platforms.
Two-factor authentication helps.
It’s basically what it sounds like: After typing your password, sites and services that use two factors ask you to present an additional piece of information.
Most likely, you have a separate program or physical device, also known as a “token,” that presents randomly generated numbers and communicates with the website or software you’re accessing, allowing you an extra layer of security.
Type your password, get the random numbers from your token, and type those in to move along.
Think a token sounds niche?
Consider this: A few years ago, Blizzard—the gaming company behind massively successful titles like World of Warcraft and Diablo—introduced an “authenticator” device for users in an effort to stop hackers from stealing items and in-game currency.
Gmail offers a similar service, as do various other email clients and social networks.
Sign up here to get Reader’s Digest’s favourite stories delivered to your inbox!