Passwords have been among the most familiar computer security features for decades. A holdover from the eras of mainframes and pre-internet PCs, they have not only survived but proliferated, to mobile devices, websites and cloud accounts.
But their long history and widespread familiarity have not made them easy to manage. Too often, passwords are simple and guessable. On the other hand, even if they are complex, they can be easy to forget, requiring users to frequently reset them.
On social media, poor password security management is common, according to one vendor survey of cybersecurity professionals at the February 2017 RSA Conference:
- Twenty percent of respondents had never changed their social media passwords.
- Half had not done so for at least one year.
- Almost one-third (30 percent) reported using address, birthdays and pet/children names in their passwords.
These practices open the doors for attackers to steal credentials and hijack Facebook, Twitter and LinkedIn accounts. A 2016 University of Phoenix survey revealed that two-thirds of U.S. adults with social media accounts had been hacked at some point, with an even greater number of them (86 percent) saying they limited what info they shared on these sites as a result.
With these numbers in mind, how can you improve the password security of your social media accounts? There are several steps you can take right now, including:
1. Auto-generating your passwords…
Complex passwords – i.e., ones that are both long and inclusive of many different character types – help keep you safe. The bad news is that they are almost impossible to remember.
On the bright side, there are many services that will automatically generate, store and auto-fill your passwords for you. For example, if you are an iPhone user, enabling iCloud Keychain will give you a reliable way to stay on top of your most complex passwords. There are also many third-party services – usually marketed as “vaults” or “managers” for your passwords – available for all mobile and desktop operating systems.
2. …Or using phrases instead of words in passwords
While auto-generation of passwords is preferable, you can still make pretty strong passwords on your own if you follow a different process than you’re probably used to. Instead of thinking of a password as a word or sequence of numbers, think of it as a phrase or an abbreviation.
Coming up with a long sentence and then making your password the first letter of each word is one possibility. Alternatively, you could make your password a sentence with lots of spaces (which are usually accepted as special characters) and many uncommon words. These passwords are easier to remember than the incomprehensible ones created by generators.
3. Implementing two-factor authentication
What if someone had stolen your password? Unless you had implemented two-factor authentication beforehand or quickly reset your password, there would be little you could do to prevent rogue access to it.
“Facebook offers several options for two-factor authentication.”
Two-factor authentication means that something else, beyond a password, is required to log into your account. Facebook offers several options for securing your account this way. You can get special codes delivered to your phone via text message, approve the login attempt from a separate device, or get a code from Code Generator, which works even if you have no access to text messages or internet service.
4. Not sharing your passwords over unsecured channels
It is a good idea to limit the number of people who know your passwords. The Benjamin Franklin joke about how “three may keep a secret, if two are dead” is relevant here: Sharing your passwords, especially over weakly secured forms of communication, is a recipe for having your accounts compromised.
Don’t send a password to someone via email or text message. You can’t always be sure that these channels are properly encrypted so as to prevent someone from seeing what you’re transmitting. Also don’t rely exclusively on paper lists or sticky notes, which could easily get lost, damaged or stolen.
Take the next step in securing your social media accounts
These four best practices will dramatically improve the safety of your social media account. You can go even further by implementing security software such as Unlimited Internet Security from Total Defense, to protect you from threats such as malware infections and identity theft. Learn more by visiting the product page today.