15 Tips to Change Your Password to a New and Stronger Password

About This Week's Action

The other day I was riding in the car with my best friend for the last 10 years. We roomed together in college and knew pretty much everything about each other’s lives then. Even many of our computer passwords. While we were driving I mentioned a website that I subscribe to for home improvement company rankings and said that she should take a look at it. I told her my username and said I’d text her the password. I said, “It’s my insecure password. The one I used for sites that I don’t store credit card data on.”

My friend said, “Oh, is it [insertbadpasswordhere]?” Sadly, it was. It turns out I’ve been using the same password (at least for some sites) for over 10 years. Yikes.

Most people don’t change their passwords unless they are required to. So, this week’s action is to change your password to a new - and stronger - password.

Why You Should Change Your Passwords

It Protects Your Money I read an article about someone whose retirement account was wiped about by a hacker. And there was nothing the company would do -- even give the person their money back because they weren’t protected from hackers. Every day personal information is stolen online. By updating your passwords you are protecting everything from your credit cards to your bank accounts to your retirement and investing accounts.

It Protects Your Personal Reputation Your money isn’t the only thing at stake when it comes to insecure passwords. Have you ever gotten a spam email from a colleague? Or an inappropriate Facebook message from a high school friend. You know they were hacked, but doesn’t just a part of you think a little less of them - even if only for a moment. Just like you wouldn’t stay signed in to your Facebook account on a computer at the library, don’t leave your password hackable for someone else to sully your reputation.

It Saves Hassle If you’ve ever had your credit card stolen you know what a hassle it is to claim fraud. It takes a lot of phone calls, emails, and paperwork. If you can prevent fraud by changing your passwords you’ll save a lot of time, hassle, and frustration in the long run.

How Long Does This Action Take?

It takes about 5 minutes to come up with new passwords. And the time it takes to update all your passwords will vary depending on the number of accounts you have. But it shouldn't take more than 20 minutes.

How to Create Stronger Passwords

There are a lot of theories on what creates a strong password. Generally, guidelines include:

  • Use both letters and numbers
  • Capitalize some letters and not others
  • Use symbols
  • The longer the better
  • Don’t use common words
  • Don’t use the same password for every account

Most people know this even if they don't follow it themselves. So, here is my favorite - less common - advice from some great resources on creating stronger passwords:

Don’t use common substitutions, e.g. @ for A/a. When you have recurring letters within your password, mix your substitutions, e.g. 8 or ( for B/b. Have a word and touch type it with your fingers in the etpmh (wrong) location. Keep in mind that you may switch keyboard types. Pick a pattern on your keyboard and type it with alternating use of the SHIFT key, e.g. Xdr%6tfCvgz/

From Make Use Of

Use Passphrase. If you don’t want to use password management tool, Use Passphrase to easily remember the passwords. You can use initials of a song or a phrase that are very familiar to you. for e.g. “Passwords are like underwears, change yours often!” phrase can be converted to a strong password “Prlu,Curs0!”

From The Geek Stuff

Spell a word backwards. (Example: Turn "New York" into "kroywen.")

If you're worried that your password of choice isn't strong enough, check it at How Secure is My Password?. The site will even tell you how long the average PC would take to crack it. For example, cracking "kroywen" would take 13 minutes, "kr0yw3n" would take about 2 hours, "Kr0yw3^" 15 days, and "MA7ApUp#" about 3 years.

PC Mag: How to Create a Strong Password

From from Microsoft Security Center

Change Your Passwords

Change Your Financial Passwords Update the password (and use different passwords) on your:

  • Bank accounts
  • Investment accounts
  • Retirement Accounts
  • Credit Card Accounts

Change Your Email Password Update your email password. This password should be just as secure if not more secure than your financial passwords because you likely have a lot of financial information in your email accounts.

Change Your Social Media Passwords My brother-in-law fell victim to a Facebook scam because someone’s account was hacked. Some friends of his were traveling in Africa and messaged him that their wallets got stolen and they needed him to wire them a few thousand dollars. The trusting guy that he is - he wired them the money. It turns out that while they were traveling their wallets hadn’t been stolen, but their Facebook passwords had. He had unknowingly wired money to a scammer and was out over $2000.

You don’t want your friends and family to be similarly scammed - so update all of your accounts that include personal data and contacts.

Change the Password on Your Shopping Accounts Frankly, I’m a little less worried about my shopping accounts because if my credit card information gets stolen I will have to only deal with fraud issues that are generally repairable. That said, stolen credit cards are a huge hassle. So, either opt out of storing your credit card information on websites where you shop, or change the passwords.

Commit

If you need a reminder to update your passwords this week, sign up now via Eventbrite. Then we will email you this weekend to remind you to update your password.

How often do you usually update your passwords?