How to Create Stronger Passwords & More Secure Accounts
We’ve all been there. You need to log in to an online account only to be met with a blank login screen. You try a few of your “go-to” username/password combos (or worse yet, you pull out your notebook of passwords) and one of them finally gets you in.
In the back of your mind you’re thinking to yourself, “if someone knew that password they would have access to a lot of my accounts!” According to a poll by Security Boulevard, 59% of people use the same password everywhere.
Not only are people using the same password everywhere, they are using very bad passwords. Splashdata releases an annual list of the 25 most common passwords. Here are the top 10 from 2018:
If you’re using any one of those passwords, pay close attention to the rest of this blog post. Even if you're not, below are three ways to strengthen your password security immediately.
1. ALWAYS Follow Strong Password Criteria
At the very least, ditch “password” (or any one of the other top 10 from above) as your password. Start by making sure your passwords at least meet these two conditions:
- A minimum of 8 characters
- Includes numbers and uppercase letters
Those two steps alone create a password that has 218,340,105,584,896 possibilities. As you take further steps such as including special characters (i.e. &, %, !, #, *) and increasing the length of your password, the number of possibilities increases and makes it that much harder to be cracked. Here are a few more basics for building a stronger password:
- Don’t use any part of your name/username or company name
- Try not to use any real words, especially personal ones (dog’s name, favorite sports team, family member’s name, etc.)
2. Try a Password Manager Tool
There are many password manager tools out there that generate complex passwords automatically for you and store them in an encrypted database. There are many advantages of this. One, the passwords generated are going to be extremely strong and nearly impossible to crack. Two, the passwords are stored in an encrypted database for you so you don’t need to remember it and you definitely don’t need to store it on a post-it note on your monitor or a notebook in your desk. Below are a few options worth checking out:
- Google Chrome: if you use Chrome as your default browser there is an option to let Chrome create and remember a strong password for you. You won’t even need to know what the password is. Here are instructions for setting it up.
- LastPass: there is a free option for single users with LastPass. They also have more than just password management. You can also store things like personal documents and credit card information.
- Keeper: this option is geared more towards businesses looking to manage password security. Keeper has options for different user roles such as an admin who can have control over the account and user passwords. Learn more about their business options.
3. Turn on Two-Factor Authentication (2FA)
Many software applications, email providers, and social media platforms offer the option to turn on two-factor authentication. If you’ve ever tried logging in to an account and then had to check your phone or other device to confirm the login, this is 2FA. The benefit of this is that even if your password is compromised, the hacker still can’t access your account unless they also have access to your phone. Some systems can even use facial recognition or fingerprint scans before allowing access. Access to 2FA is one of the many questions we recommend asking insurtech vendors before making a purchase.
As an insurance agent you’re dealing with a lot of sensitive information in your email, agency management system, enrollment platform, etc. By taking some time to be sure you and others in your agency are following proper password security you can greatly increase the security of your book of business and lower your risk for a major data compromise or breach.
Want to learn more about data security?
If you're in the buying process for a CRM or agency management system, or you're just curious how secure your data is currently, check out this on-demand webinar where our CTO discusses the security questions you should always be asking of any software vendor.