When Yahoo! reported that someone hacked one billion of its accounts, it was a stunning revelation. Then it disclosed last fall that the names, dates of birth, email addresses, passwords and security questions and answers were compromised on all three billion of its accounts. For many, this news was devastating.
That’s because the vast majority of us use the same password or too close a variation of the same password for everything we access. Research also tells us that the average strength of our passwords is low. Also, most of us rarely change our passwords. In a 2017 survey, Keeper Security found over 80 percent of us reuse the same password, and nearly a third of us (29 percent) share a password with two or more people.
Keeping your passwords safe
Today, it seems hardly a month goes by that we don’t hear about a major data breach involving a well-known brand. Microsoft-owned LinkedIn had 117 million emails and passwords hacked. eBay had all of its 145 million usernames, emails, passwords, and dates of birth compromised.
Even firms in the business of keeping information safe and secure are on the list of the most prominent data breaches ever. Equifax, the major credit data firm, had millions of customer passwords and emails stolen. RSA Security had a theft that compromised its SecureID two-factor authentication tokens. They are considered the gold standard of security.
Dozens of major company online account records have been hacked. That means the likelihood your email and password from one of those accounts have been sold is very high. How do you keep your password safe?
We talked to our experts at Tech Helpline. Tech Helpline is the real estate industry’s #1 tech support service, available to nearly half the Realtors in North America. That’s more than 500,000 Realtors in the U.S. and Canada. Tech Helpline’s staff of professional tech analysts have about 300 years of combined IT experience. Most importantly, they work with real estate agents every day.
Here are some best practice recommendations when it comes to keeping your passwords safe.
Make sure you haven’t been compromised
Have your email and favorite password already been compromised? With so many data breaches, how do you know if your information might be for sale on the dark web?
Fortunately, there is a safe and trustworthy website that will tell you if your email or password is somewhere online – and the source that exposed it. The site is called “have i been pwned?” You can read about why Troy Hunt, a Microsoft Regional Director, created it, as well as find the links to check your email and password, here: https://haveibeenpwned.com.
It might scare you, but you might not even have to go to the Dark Web to learn if your password and email address has been compromised. A Google Search just might reveal a list of passwords and emails hackers use with “brute force” software to break into accounts. You just might find your password on that text file.
How strong is your password?
Tech Helpline analysts suggest that you can use a variation of a password safely for different accounts, as long as you keep in mind a few best practices:
- Use 12-14 characters
- Include caps, numbers and special characters (if allowed)
- These first two requirements are part of the algorithm password testers tend to use
- Make it unique, but very easy to remember for you
Remember, one of the most common ways that hackers can break into accounts is by guessing common passwords. The more difficult your passwords are, the higher the likelihood that a hacker will simply look for easier targets.
Also, some firms, including banks, are offering a new option called a “passphrase.” Instead of a single word and characters, it is a sequence of words or other text that acts as a password. They can be much harder for hackers to crack, and easier for you to remember, such as “Wh@t is th3 PassWord?”
Beware of stored passwords in your browser
Most of us store passwords in our favorite browser because it’s a huge time saver. The bigger benefit: we don’t have to remember which password we used! After all, when we see our passwords populate, they appear hidden – as asterisks. So, they are safe, right?
Well, not entirely. Two things you need to realize. First, most browsers will allow you to see every single password stored. In Chrome, for example, if you have your computer’s single admin password, it will reveal your password for every one of your stored accounts. Second, there are software programs that will export all of your passwords from almost any browser.
For example, WebBrowserPassView is a free password recovery tool for Windows that reveals the passwords stored in web browsers, including Internet Explorer (Version 4.0 – 11.0), Mozilla Firefox (all versions), Google Chrome, Safari, and Opera. The publishers note, “This tool can be used to recover your lost/forgotten password of any Website, including popular Web sites (sic), like Facebook, Yahoo, Google, and Gmail, as long as your Web Browser stores the password.”
This is another reason why your computer must be password protected.
Using a password program
The best practice may not always be the cheapest one, but it is, the experts say, the safest one. Use a password software program such as Dashlane, LastPass or Keeper.
For typically less than $30 a year, these programs do the heavy lifting of password security management for you. That’s a tiny price to pay if you think what it could cost you if a hacker got into your bank or PayPal account. These programs help you use a different, incredibly strong password for every site and account you have. You only have one password to remember, and that’s to enable the password manager.
There are some free options, with more limited features, as well those that PC Magazine lists here.
Write them down
The experts remind you to write all of your passwords down. You then need to put them in a safe or safety deposit box. This is vital, because if something were ever to happen to you, your significant other, or heirs, they will need access to your accounts. They will also need access to your smartphone, your computer and any other device that requires a password.
Take these five simple steps say our friends at Tech Helpline, and you will have what you can do to keep your passwords safe.
For additional insight from the Tech Helpline experts, check out these articles:
- Tech advice: What do you do if you do the wrong thing?
- Knowing What These Tech Buzzwords Mean Could Save Your Real Estate Business
- How can you make your data safe?
- Don’t get caught by the phishing hook
Tricia Stamper is Director of Technology at Florida Realtors.® Florida Realtors owns both Tech Helpline and Form Simplicity.
Got Questions – The Caton Team is here to help. We are but a call or click away!
The Caton Team is comprised of Susan and Sabrina Caton – a mother/daughter in law team. We are full time, local Realtors with over 35 years of combined Real Estate experience. How can The Caton Team help you?
Remember to follow our Blog for the local real estate beat, a pulse on the San Francisco Peninsula at: https://therealestatebeat.wordpress.com
Got Questions? – The Caton Team is here to help.
Email Sabrina & Susan at: Info@TheCatonTeam.com
Call us at: 650-568-5522 Office: 650-365-9200
Want Real Estate Info on the Go? Download our FREE Real Estate App: http://thecatonteam.com/mobileapp
Visit our Website at: http://thecatonteam.com/
Visit our INSTAGRAM page: http://instagram.com/thecatonteam
Visit us on FACEBOOK: http://www.facebook.com/pages/Sabrina-Susan-The-Caton-Team-Realtors/294970377834
Connect with us professionally at LinkedIn: https://www.linkedin.com/in/sabrinawendtcaton
Please enjoy my personal journey through homeownership at:
Thanks for reading – Sabrina
The Caton Team – Susan & Sabrina – A Family of Realtors
Effective. Efficient. Responsive. What Can The Caton Team Do For You?
Berkshire Hathaway HomeServices – Drysdale Properties
Sabrina BRE# 01413526 / Susan BRE #01238225 / Team BRE# 70000218/ Office BRE #01499008
The Caton Team does not receive compensation for any posts and the information is deemed reliable but not guaranteed.