If you’re struggling to think up strong passwords you can remember for your online accounts, here’s a simple, secure solution — for you and the whole family.
You’ve heard the security advice: “Create a unique, strong password for each account”. But are you doing that for every login?
“Why would hackers target me?” your family might ask, and they’re probably right. Your credentials are much more likely to be lost in a data breach(new window). In the US alone, millions of people fall victim(new window) to data breaches every year.
If any of your login details are ever leaked (one source to find out is Have I Been Pwned(new window)), the personal and financial losses could be devastating. That’s why everyone needs to create strong passwords and find a way to remember or store them securely.
Here are five steps to create and securely store strong passwords.
1. Delete your old accounts
Before you start, revisit accounts you’ve had for a while and close any you no longer use(new window). They may contain weak or reused passwords, and the fewer active accounts you have, the less exposed you’ll be to data breaches:
- Go to the “Help” or “Support” pages on each company’s website and look for how to close or delete your account. As many sites make it far from easy to say goodbye for good, check JustDelete.me(new window) and AccountKiller(new window) for help.
- To reduce risk, try to remove any private or financial information, like payment card details, before closing. Companies may have to retain your data for some time for legal reasons. And whatever they tell you, you can’t be 100% sure they have deleted your details anyway.
2. Choose a good password manager
A password manager helps to keep all your passwords safe in one place, so you only have to remember one master password:
3. Create and save strong passwords
Now you can make the passwords to all your active accounts as complex and secure as possible, as you only need to remember one master password:
4. Use two-factor authentication
If your passwords are ever leaked, two-factor authentication (2FA)(new window) gives you an extra layer of defense. With 2FA, after filling in your password, you enter a six-digit code from your phone or use a U2F security key(new window) to gain access:
- Enable 2FA for your master password and all your online accounts, where available. Most now allow you to set up 2FA by simply scanning a QR code.
- Choose an authenticator app or use a security key to verify your account. Avoid account verification by SMS, which is less secure. Please note that Proton Pass supports 2FA authentication.
5. Share password best practice
After you’ve set up your password manager and 2FA everywhere, you can help your nearest and dearest do the same:
- Talk your family members through steps 1 to 4 to set up an account with your password manager.
- Ensure they use strong passwords and 2FA wherever they can to secure their accounts.
But is using a password manager safe? If you forget your master password, or your password manager or device is ever compromised, you could lose access to all your accounts.
Yes, using a password manager is like putting all your eggs in one basket. That’s why it’s essential to create a unique, strong master password or passphrase that you’re sure you can remember. It’s also true that researchers have discovered password manager security flaws(new window) with some services on certain devices.
Still, there’s no such thing as 100% password security: It’s a balance of risks. And we believe that for most people, the benefits of using a good, end-to-end encrypted password manager with 2FA outweigh those risks.
Get Proton Pass free to create and securely store strong passwords on any device. Or sign up for a paid plan and get unlimited hide-my-email aliases, an integrated 2FA authenticator, and more. Join us and stay secure!