Noob Mini-Guide to Password Security
Your e-mail account is the MOST important account you have in your online life. It's the ultimate stronghold you must keep safe against unauthorized access.
Create an account with an e-mail provider that has a good history of security against hackers.
Suggestions: gmail.com (Google) or outlook.com (Microsoft)
Password:
The two keywords for a good password are: UNIQUE and LONG (minimum length of 12 characters)
- For this purpose, create passphrases instead of passwords.
- Use part of a lyric or part of a quote. You can check this link about diceware, a method to create passwords:
http://world.std.com/~reinhold/diceware.html
- Don't EVER use this same passphrase again on other websites. Each and every site must have its own unique password.
- Mix words from other languages into the passphrases (an extra layer on the diceware approach).
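The diceware method mentioned above, as an added example (not part of the original guide): it parses a word list in the diceware file format, rolls the dice with the operating system's secure random generator, and reports how strong the result is. The function names and the 36-word list are made up for the demo; the real diceware list has 7776 words and uses five dice per word.

```python
import itertools
import math
import secrets

def parse_wordlist(text):
    """Parse Diceware-format lines ("<dice digits> <word>") into a dict."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2 and set(parts[0]) <= set("123456"):
            table[parts[0]] = parts[1]
    dice = {len(k) for k in table}
    # Every dice combination must map to a word, or some rolls would fail.
    if len(dice) != 1 or len(table) != 6 ** dice.pop():
        raise ValueError("word list must cover every dice combination once")
    return table

def roll_key(n_dice):
    """Simulate n dice with the OS CSPRNG (never the 'random' module)."""
    return "".join(str(secrets.randbelow(6) + 1) for _ in range(n_dice))

def passphrase(table, n_words=6, min_len=12):
    """Draw n_words words; redraw the whole phrase if it is under min_len."""
    n_dice = len(next(iter(table)))
    while True:
        phrase = " ".join(table[roll_key(n_dice)] for _ in range(n_words))
        if len(phrase) >= min_len:  # the guide's 12-character minimum
            return phrase

def entropy_bits(table, n_words):
    """Strength in bits, assuming the attacker knows the list and word count."""
    return n_words * math.log2(len(table))

# Constructed 36-word demo list (two dice per word), NOT the real diceware list.
_WORDS = ("amber bridge candle dragon ember forest garden harbor island jungle "
          "kettle lantern marble needle orchid pepper quartz ribbon saddle "
          "timber umbrella velvet walnut xenon yellow zipper anchor basket "
          "copper dinner engine falcon guitar hammer insect jacket").split()
DEMO_TEXT = "\n".join("".join(k) + "\t" + w for k, w in
                      zip(itertools.product("123456", repeat=2), _WORDS))

if __name__ == "__main__":
    demo = parse_wordlist(DEMO_TEXT)
    print(passphrase(demo), f"({entropy_bits(demo, 6):.1f} bits, toy list)")
    print(f"real 7776-word list, 6 words: {6 * math.log2(7776):.1f} bits")
```

To use it for real, download the word list from the diceware page and pass the file's text to parse_wordlist instead of DEMO_TEXT.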
Enable 2nd Factor Authentication/Two Step Verification when signing in on either service. Don't forget to save the BACKUP codes so you can still get in if your smartphone is not accessible (lost/broken/out of battery).
If you want to make your life simpler, use a password manager. It will manage the UNIQUE and LONG passphrase (or in this case random letters) aspect for you.
e.g.:
https://www.lastpass.com
https://www.dashlane.com
https://1password.com/
http://keepass.info
When you are creating your master password for these programs you must use a very strong passphrase.
Check if you are already compromised; go to:
https://haveibeenpwned.com
Time to change your old passwords
Extra Notes:
- Don't enable the security question because you are just opening another hole that a hacker can exploit to get access to your account.
- Biometric Security (Fingerprint) is a bad idea: if someone gets your fingerprints you are fucked for your entire life because you can't change your fingerprints for another set. And you leave fingerprints everywhere, which makes them very easy to collect.
- Security Key: it is a USB device, a physical 2nd factor authentication that can be used with your gmail account, lastpass and many other sites and services.