And what I am doing to fix them.
Confession: I was insecure…when it comes to passwords.
I hate “passwords,” “usernames,” “create accounts,” “logins,”and “portals.” Those words make me cringe because it’s more administrative energy than I want to expend most days. Yet, we are asked to create new accounts with every new website, every new platform, every new account. As a mom of 3, that means a new account for every new sports team, camp or doctor’s office. As a military spouse, that means a new password for every new utility company, housing company, and medical office. It’s too much and it’s overwhelming!
According to Security brief, New Zealand, the average person has 100 accounts that require passwords. With all of those passwords, it’s no wonder 81% of data breaches are due to insecure passwords! I am guilty of all of these common password mistakes! Or I guess, I WAS guilty of all of these common password mistakes. While I talk more about password managers in Why Military Families Need a Password Manager, today I’m going to talk about the biggest password mistakes I’ve made and how I fixed them.
Password Mistake #1: Easy to Guess Passwords
For years, I had the same password, and it was ridiculously easy to figure out. Clifford and Sharon Profis suggest not using easy to remember phrases, names or information. If someone can glean your social media profile and figure out your pet’s names, your children’s birthdays, or your favorite sports teams then these would be terrible passwords. Obviously “Password” or “Password123” would also be a bad choice as well.
Password Mistake #2: The Same Password for Every Account
This was my biggest mistake and the biggest habit that I have to break. When I did my Google Password Check I had 105 REUSED PASSWORDS! And it was all the same password! Needless to say, I have remedied the problem and I am determined to break the habit! Now with the use of the Google strong password and the Keeper I have unique and secure passwords for all bajillion of my online sites. It took a little while to go back and check them all, but by using Google password manager I was able to see all the accounts I had set up on Google and go back and fix them. If I come across sites not on Google, I am doing my best to fix those and store the password in the password manager at the same time.
Password Mistake #3: Not Storing your Passwords in a Password Manager
Which brings me to the third mistake I was making. If you are trying to remember all of your passwords all of the time this is a perfect storm for frustration and wasted time. BELIEVE ME, I know! If you really don’t like the options for password managers or don’t trust an online system, you should have a handwritten master list stored somewhere securely. Password expert (and former hacker) Frank Abagnale warns against keeping this list on your phone or device as a Google or Excel spreadsheet though. If someone does gain access to your phone, you have just handed them the keys to the kingdom. Having said this, I realized I was making the 4th password mistake as well. Read more about my recommendations and reasons Why Military Families Need a Password Manager.
Password Mistake #4: Using an Easy Phone Password
So much information is stored on our phones! By not using a hard to guess phone password, I was leaving myself vulnerable to someone stealing A LOT of personal information. I get it, I made mine easy so my kids could get into my phone in an emergency (does anyone even have a landline anymore?). So make that first interface with your phone difficult enough that someone couldn’t easily pick up your phone and get into all of your accounts. If you have little ones at home and are worried that they won’t be able to access your phone, don’t worry. Kids seem to be able to remember anything that allows them to play games and watch videos!
Password Mistake #5: Not Using Two-Factor Authentication
Two-factor authentication is one of the best ways to make sure your accounts are not accessed by an outside source. Be careful, though, when going overseas. If you set up a new phone number outside the U.S. this can make it impossible to send text messages. All in all, two-factor authentication is a good idea especially on your financial accounts.
So, while I am obviously not an expert when it comes to passwords, I have taken these past few weeks to make some big changes. First, I changed ALL of my passwords to more secure passwords. Then, I updated those passwords in my password manager. Next, I changed my phone passcode. LastIy, I set up two-factor authentication when applicable. It did take a little time and patience, but overall, I am feeling confident that my accounts are more secure. How do you feel when it comes to the most common password mistakes? Are you an expert or just overwhelmed with the sheer amount? Leave me a comment and let me know about your password struggles!
And for those passwords that you need to write down (and should) download my FREE PASSWORD LIST here.