Subscriptions to various services have been increasing for several years now, often requiring your email address of course, but also a valuable password, if possible sufficiently secure. Until recently, 10 billion passwords were leaked into the wild, not counting certain hackers who are capable of hacking a password in just a few seconds… Also, in the United States, the very serious NIST (for National Institute of Standards and Technology) recently returned to some good practices to adopt.
The difference between good and bad password
Obviously, firstly, it is essential to opt for a so-called “strong” password. Concretely, the latter must contain (at least) ten characters, mixing upper and lower case letters, without forgetting numbers and special characters. For NIST, a password of 10 characters, which alternates numbers, upper/lower case letters and symbols is already very effective.
Also, changing your passwords regularly can contribute to better security. However, this practice can be double-edged, since changing passwords regularly would also tend… to make us opt for passwords that are increasingly easy to remember. Change your password yes, but always respecting the rule stated above.
Another recommendation to follow when it comes to passwords: never reuse the same password for several services. Indeed, if it is simpler to memorize a single “strong” password, using it on several services will make life easier for hackers in the event of theft of identifiers. Although this is a little more restrictive, it is therefore recommended to use a different password for each service used.
Obviously, in addition to the fact of having to modify the password assigned by default with certain equipment, it is more than advisable to opt for a digital key devoid of the slightest personal clue. For example, we avoid using our date of birth, first name or any other element that could be (too) quickly guessed by a third party.
Finally, NIST insists that it is more than preferable to opt for double authentication when the service allows it. In this way, in addition to securing access to your account through a “strong” password, double authentication requires being able to provide a second identification via an application or even a code sent to a smartphone or mailbox. email before accessing the desired service.
And if you are thinking about using a secure password manager (which is an excellent idea), we highly recommend this guide which lists the best offers on the market.
