Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Ultimate User Guide for Managing Your Passwords [Part 1 of 5]

The Ultimate User Guide for Managing Your Passwords [Part 1 of 5]

We tend to focus on business technology, but this time, we wanted to put together a guide that would help, well, everybody! It doesn’t matter how low-tech you are, chances are you still have to manage a handful of online accounts and passwords.

As it turns out, there really isn’t a big difference between protecting yourself as an employee working in an office compared to protecting yourself as an individual. Everyone needs to have strong cybersecurity habits because the entire world has built itself around going digital. Like it or not, this is how it is.

The goal of this guide is to walk you through some steps that will make maintaining your security and protecting your identity so much easier. It will take some time and effort at first, but once everything is set up and working, staying safe will become a much easier process.

We encourage you to share this article with everyone you can, from students to those enjoying their retirement. We all have friends and family who scrawl their passwords on a loose ream of paper, or who might even have worse habits that they think are perfectly healthy but are putting them at risk. This guide might help them reduce the risk of expensive, frustrating problems.

If someone sent you this link, hello! Nice to meet you! We hope you find this guide useful, and we’d love to get feedback from you if you have any!

Why You Should Care About Strong Passwords and Cybersecurity

We don’t want to come off sounding too preachy, but your cybersecurity is very important.

Your personal information is valuable, and protecting it is important. Whether you are on a computer all day at work or you hardly sign in throughout the week, if you use the Internet at all, you need to protect yourself. This includes smartphone and tablet use, laptops, computers, paying your bills, using social media, etc. 

The goal of this guide isn’t to sell you anything (although we will recommend tools and products that have paid tiers), but ultimately, this isn’t something we intend to profit from. We want to spread awareness to people, even if they aren’t really a good fit to be a customer of ours. We work with businesses throughout Western?Kentucky to manage their IT and cybersecurity needs, but we don’t tend to work with individuals. Even so, we hope this guide helps as many people in and around our community as possible.

The rest of our blog discusses cybersecurity extensively; if you find this guide helpful, you can certainly read more articles.

Why Personal Cybersecurity Matters

Storytime! The Internet was originally built to be a network of ideas, information, and commerce. Since then, individuals, organizations, and businesses have come up with many amazing ways to make the Internet more useful, profitable, and critical to our daily lives. Things that used to be reserved for only some of the most technologically-abled users are now normal things that the average person doesn’t think about.

At the same time, scammers, criminals, and con artists have utilized the Internet in creative and dastardly ways. 

And then you have the middle ground: the vast majority of enterprising businesses on the Internet sort of take a middle-of-the-road approach. They provide something seemingly very good, but there’s a little bit of a hidden price to pay.

Let’s use Facebook as an example.

When Facebook (back then it was called TheFacebook) launched, it was a closed-off network of select colleges and university students that could connect based on the classes they took. They could upload a photo, talk to classmates, and join groups based on the classes they were in. 

(We’re grossly skimming over some history here to get to our point.)

A few years later, Facebook opened up to the general public, and quickly exploded in popularity. It didn’t take long before millions of people shared information about themselves, uploaded photos, and communicated on what would soon become one of the largest, most influential social networks. The world really hadn’t seen something like this before—a singular platform for hundreds of millions (now it’s 3 billion, or over a third of all humans) to communicate and connect.

To develop, maintain, and host this kind of platform, Facebook needed money. Back in 2012, Facebook’s operating cost was about $1 per user per month. They had around 800 million users at the time, so that’s roughly $800 million dollars per month just to run the site, let alone costs for future development, new products, new features, etc.

They don’t charge users to use Facebook, which would defeat the purpose of the platform. Instead, YOU are the product. Facebook’s revenue is based on ads. Facebook makes money off of ads because the people on Facebook produce content that encourage other people to continue to use Facebook. In return, you and I can use Facebook for free.

This is relatively reasonable in the modern world, and something that most of us can more-or-less ignore. However, it brings up just how valuable an individual’s data actually is.

Your activity on Facebook helps Facebook maintain itself and even profit. Granted, Facebook doesn’t have a flawless track record of how they handle your information, who they sell it to, and how people take advantage of the system, but it’s a perfect example of just how valuable your participation and information is.

Most businesses that you work with store information online. Your dentist might allow you to log in to see your dental history or pay your invoices, your trash collector has an account for you to make payments, and your Amazon account knows what types of products you look at, as well as the music and movies you like to watch.

We’re oversimplifying it, but the modern world runs on information, and that information is valuable, especially in bulk. 

Let’s use Disney+ as an example. What does Disney+ know about you?

They likely have your name and contact information, credit card information, email address, and the types of devices you use Disney+ on. They also keep track of the movies and shows you watch so they can better serve you and make decisions about how to adjust their services. 

It’s easy to dismiss this as the cost of doing business. Sure, Disney+ needs to know who I am to bill me, and obviously, they can track the shows I watch so they know how badly I want Season four of The Mandalorian! 

But what if someone else were to get that information?

Well, your contact information is one thing. If the wrong entities get hold of that, you could start getting a lot more spam. They know you are a Disney+ user, so they could pretend to be Disney or pretend to be affiliated with Disney to try to trick you into something. It’s pretty easy to look through the list of devices that someone watches Disney+ on to determine their tax bracket, and look at the content they watch to determine their gender, cultural values, marital status, and even get an idea of when you are home or not. On top of that, there’s credit card information.

That’s a lot of information, and that’s just Disney+! Email providers, cellphone carriers, Internet service providers, banks, and social media sites store even more information about you.

You aren’t going to change this paradigm. You are a part of this digitized future, and you must acknowledge it and follow the steps in this guide to protect your information.

Why Me? What Could Someone Do With My Data?

We hear this one a lot. In fact, almost every single time we help someone who cybercriminals have targeted, this question comes up.

Cybercrime is rarely personal. It’s rarely because you were some kind of target that stood out.

The bad guys don’t care about you as an individual; it’s a numbers game. It’s like any sort of marketing or advertising campaign—they target thousands or millions of people with the expectation that they will get a certain return on their efforts.

Remember our Disney+ example above? If they were to break into Disney+’s network and steal that information from a million accounts, each one of those accounts would be worth a little money on the black market. This happens all the time, as big organizations suffer from data breaches and all of that information gets dumped on the dark web for other criminals to steal, sell, and use.

Maybe Disney+ data isn’t the gold mine, but cybercriminals do know that most users have one weakness that makes them especially vulnerable…

Some of those passwords stolen from Disney+ are likely going to work on other accounts for that user, because most people are notoriously bad at using unique passwords between accounts. In fact, in a survey that interviewed several million people, 52 percent of them admitted that they use the same password more than once.

For a large percentage of users, if I have your Disney+ password (or some other password from a different account), I can likely get into your email, bank, or some other much more valuable account.

If I can get into your email account, I can easily reset any other password for any other account and get right in.

These big organizations get breached all the time, and often take months before they even realize it or tell their subscribers about it. 

Want to see how many times your email address has been found in massive data breaches? There’s a great site for checking: https://haveibeenpwned.com/

Fortunately, what we go over today throughout the rest of this guide is going to protect you from this. Thanks for listening to us so far—cybersecurity is something we are passionate about and we just want to help you understand why it’s so important. Let’s get on to the guide so you can protect yourself online!

Let’s Strengthen, Organize, and Document Your Passwords Securely, Once and For All!

In this guide, we will cover several steps to gain control over your passwords. We’re going to discuss a few ways to make strong passwords that are easier to remember, but ultimately, you are going to rely on a secure password manager to remember most of your passwords for you.

This process is going to take you time, but once it’s done, it takes very little effort to maintain.

We’re going to start with making strong passwords, but there is going to be a little house-keeping for you to do as well to help ensure you know how to get into as well.

Here are the steps we’re going to take:

  1. Create a few strong master passwords
  2. Choose a primary email that governs your accounts
  3. Secure that email with a new, strong password
  4. Choose a Multi-Factor Authentication app
  5. Set up Multi-Factor Authentication on your primary email
  6. Select and set up a password manager
  7. Update every account, secure it, and log it in the password manager
  8. Delete old passwords stored in your browser
  9. Maintain the course and continue to practice good cybersecurity hygiene!

Step One: Create Strong, Unique Passwords

A strong password includes the following: capital letters, lowercase letters, numbers, and symbols. The length of the password is also essential, as shorter passwords are easier for hackers to crack. With the right tools, a criminal can crack an 8-character password in just a few minutes. A good goal is 16-to-24 characters (although some sites or accounts might limit you to 12-to-16 characters, so always try to use the maximum possible).

You might think that’s a long password and you are right! It’s hard to memorize and recite a complex password like that, but the good news is that you’ll only need to memorize one or two of them (we’ll get there in a moment).

Ultimately, we are building a master password, and you’ll need to recall this password in order to bring up all of your other passwords. We recommend having two of these—one for your primary email (we’ll get to that in the next blog post) and one for your password manager (covered in part four).

The easiest way to make a password that is both easy to remember and secure is to use passphrases. A passphrase is a string of random words that wouldn’t usually go together, and don’t really have anything to do with you personally. Avoid pet names, family members, phone numbers, zip codes, birthdates, and other personally identifiable information.

Here’s an example:

Jedi Monsoon Spaghetti Dragon Ship

These five words contain 30 characters if we string them together. If we adjust the capitalization to make it a little more complex, add a few numbers and symbols, we get an extremely secure password that is relatively easy to memorize:

JEDImons00nSPAGHETT!drag0n$hip

Obviously you can’t use this one, as it’s posted on the Internet, immediately making it easy for criminals to crack.

If you aren’t feeling particularly creative, you can use this random word generator to spit out some ideas for you.

You Can Cheat a Little and Still Be Secure!

Complex passwords are secure, and by the time you finish this five-part guide, you’ll be using a password manager that does all of the memorization for you. In most cases, you’ll never need to type in most of your passwords except when logging into your password manager. There is an exception to this—your TV. 

It’s a huge pain to try to type in a 30-character Hulu password just to watch Cupcake Wars, so here’s a little exception to the rule that you can use specifically for streaming services to make the passwords a little easier to enter.

It’s still critical that these passwords are unique, complex, and random… but maybe you want them to be a little easier to type into a television with a remote control. This also applies to guest Wi-Fi passwords and other accounts that you might need to read out loud or share manually.

Here’s a quick set of tips to make passwords that are easy to type or read out loud to a guest

  • Keep capital letters bunched together so you don’t need to tap the shift key repeatedly.
  • Keep numbers and symbols bunched together for the same reason.
  • Want to be super lazy? Use characters that are near each other on the keyboard.
  • Avoid characters that look like numbers or other characters, such as capital Is, lowercase Ls, the numbers 1, 0, and the letter o.

For example, your Netflix password could be something like this:

DRRZVBpkmmmy4958#@!
(obviously, don’t use this password, since it’s published on the Internet)

Note that the first third of the password is all caps, using letters on one side of the keyboard, while the second third is all lowercase using letters from the other side.

It’s much easier to type out with a television remote than something completely random, but this password still follows all of the critical rules that make it a long, complex password! It’s just easier to enter into your television or Wi-Fi.

Stay Tuned for The Rest of This Guide!

This is part one of a five-part guide! Head back to our blog to see the rest of these articles (we’ll post each one every other weekday). You can also click on #Password Guide below to see all the currently published parts.

Sign Up For Our Newsletter!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Business Computing Data Productivity Business Software Innovation Hackers Cloud Network Security User Tips Hardware Internet Efficiency IT Support Malware Privacy Google Computer Email Workplace Tips Phishing Hosted Solutions IT Services Users Collaboration Mobile Device Workplace Strategy Ransomware Small Business Quick Tips Cybersecurity Microsoft Passwords Communication Data Backup Saving Money Smartphone Backup Managed Service Android Business Management VoIP Smartphones Mobile Devices communications Upgrade Disaster Recovery Browser Social Media Data Recovery Managed IT Services Microsoft Office Windows Remote Current Events Network Productivity Tech Term Internet of Things Facebook Automation Artificial Intelligence Cloud Computing Covid-19 Holiday Gadgets AI Miscellaneous Remote Work Server Managed Service Provider Information Outsourced IT Training Employee/Employer Relationship Encryption Spam Compliance Windows 10 Office Data Management Government Business Continuity Virtualization Business Technology Wi-Fi IT Support Windows 10 Bandwidth Blockchain Vendor Apps Two-factor Authentication Mobile Office Data Security BYOD Apple App Employer-Employee Relationship Managed Services Voice over Internet Protocol Networking Mobile Device Management Chrome Gmail Budget HIPAA WiFi Applications Access Control Tip of the week Computing Hacker Conferencing Information Technology Avoiding Downtime Marketing Office 365 How To BDR Bring Your Own Device Router Big Data Virtual Private Network Health Help Desk Operating System Computers Retail Risk Management Healthcare Website Managed IT Services Analytics Office Tips Augmented Reality Storage Password The Internet of Things Vendor Management Solutions Physical Security Social Display Printer Paperless Office Going Green Windows 11 Infrastructure 2FA Monitoring Customer Service Excel Cybercrime Document Management Remote Workers Telephone Scam Data loss Cooperation Free Resource Project Management Windows 7 Firewall Patch Management Save Money Microsoft 365 Remote Monitoring Vulnerability End of Support Mouse IT Management VPN Employees Meetings Administration Integration User Tip Modem Processor Computer Repair Mobile Security Holidays Customer Relationship Management Settings Data Storage Wireless Printing Smart Technology Supply Chain Content Filtering Video Conferencing Machine Learning Managed Services Provider Hacking Saving Time Virtual Machines Presentation Professional Services YouTube Cryptocurrency Wireless Technology Managed IT Service Maintenance Antivirus Downloads iPhone Virtual Desktop Licensing LiFi Data storage Entertainment Vulnerabilities Word Data Privacy Outlook Images 101 Money Humor Telephone System Multi-Factor Authentication Robot Mobility Cost Management Safety Sports Education Unified Threat Management Directions Videos Assessment Electronic Health Records Permissions Workforce Wasting Time Threats Trend Micro Mobile Computing Network Congestion Specifications Security Cameras Workplace Strategies Search User Error Microchip Internet Exlporer Software as a Service Fraud Meta Managing Costs Amazon Application Best Practice Username Point of Sale eCommerce Black Friday SSID Buisness IT solutions Database Surveillance IBM Legal Virtual Assistant Outsource IT Tech Support IT Technicians Virtual Machine Environment Business Growth Media Network Management Proxy Server Reviews Cookies Monitors Cyber Monday Medical IT Cortana Tactics Development Hotspot Transportation Small Businesses Websites Mirgation Hypervisor Displays Alt Codes Shopping Nanotechnology Optimization Competition PowerPoint Downtime Hosted Solution SharePoint Addiction Electronic Medical Records Language Employer/Employee Relationships Outsourcing Management PCI DSS Chatbots Typing Navigation Lenovo Gig Economy Screen Reader Writing Distributed Denial of Service Workplace Virtual Reality Computing Infrastructure Teamwork Hiring/Firing User Knowledge Service Level Agreement Internet Service Provider Google Drive Server Management Regulations Compliance Private Cloud Identity Evernote Paperless 5G Superfish Bookmark Identity Theft Smart Tech Memes Co-managed IT Twitter Alerts SQL Server Technology Care Unified Communications Experience Download Net Neutrality IP Address Google Docs Financial Data Error History Bitcoin Business Communications Running Cable Browsers Smartwatch Connectivity IT Google Wallet Social Engineering Break Fix Scams Remote Computing Azure Hybrid Work Recovery Upload Procurement Social Network Telework Cyber security Hard Drives Windows 8 Multi-Factor Security Tech Human Resources Laptop CES Tablet IoT Communitications Domains Drones Dark Web Cables Alert Trends Supply Chain Management Managed IT Customer Resource management FinTech File Sharing Regulations Refrigeration Dark Data Google Calendar Term Google Apps Halloween Data Analysis Star Wars IT Assessment Public Speaking How To Microsoft Excel IT Maintenance Notifications Staff Value Business Intelligence Gamification Flexibility Lithium-ion battery Organization Travel Social Networking Hacks Legislation Shortcuts Entrepreneur Scary Stories Fun Techology Fileless Malware Digital Security Cameras Google Maps Smart Devices Ransmoware Wearable Technology Memory Vendors Deep Learning Content Remote Working Health IT Unified Threat Management Motherboard Data Breach Undo Comparison Google Play Be Proactive

Blog Archive