Why is it important to use a strong unique passphrase for each of your social networking accounts?

These days, it feels like you need an account for everything. It’s hard to do most things online without one. Whether it’s for streaming services, online shopping, email or banking, balancing a bunch of accounts has become a key part of our online lives.

Table of Contents Show

Passwords are your first line of defense
You could lose a lot of important personal information
How to create a unique password and protect your accounts
Creating strong passwords

With all these accounts, coming up with a strong and unique password or passphrase to protect each of them can seem inconvenient or perhaps even overwhelming. It can feel like all those passwords will be difficult to remember. The problem is that using the same password for multiple accounts can lead to hacks across multiple platforms.

Here’s why you should never use the same password for more than one account:

Passwords are your first line of defense

Passwords are often your first line of defense when it comes to protecting your information from online threats, which is why you want to create one that is not only strong but unique. Using the same password across multiple accounts can lead to credential stuffing. Credential stuffing is when hackers use previously stolen login credentials from one website and then “stuff” these credentials into other websites until they find matches. For example, imagine you used the same password for an online shopping account and your online bank account. If a cyber criminal got access to your shopping account where your payment information was saved, they’d be able to figure out which bank you use and have the login credentials they’d need to access it.

Using the same password leaves you and your information vulnerable to financial and identity theft, so it’s important to use a unique one for each of your accounts.

You could lose a lot of important personal information

Your accounts contain more sensitive information than you might think. For example, an online shopping account for a one-time purchase still has an order history that includes your full name, address, phone number and credit card information. This is why you should protect all your accounts equally. While some accounts may seem less important than others (like your banking account compared to that one-time purchase online shopping account), they all likely contain some form of sensitive information about you. This information can make it easy to steal your identity or your money. Some cyber criminals may even use this information against you in the form of a phishing attack or sell it over the dark web.

Simply put, if a hacker were to gain access to one of your accounts, they’d be able to gain access to all of them if you were using the same password. By creating passwords that are both strong and unique, you can make your accounts more secure.

How to create a unique password and protect your accounts

In addition to making unique passwords, we also recommend strengthening all of your existing passwords and following best practices for any new ones. You can make your passwords stronger by not including personal information in them (this includes pet names, favourite sports teams and birthdays). You should also use a minimum of 12 characters that includes upper- and lower-case letters, numbers and special characters. You can be even more secure by using a passphrase instead, which has a combination of four or more random words and a minimum of 15 characters.

A challenge for creating strong and unique passwords for all your online accounts is keeping track of them. This is why we recommend trying a password manager. A password manager does exactly what it promises to do. It manages your passwords on your behalf, so you don’t have to remember them all (as long as you remember the password for your password manager). You can enter each of your accounts into the password manager and update your existing passwords into something stronger or unique if you’ve been using the same one.

You should also make sure that the primary password for the password manager follows password best practices. After all, it’s protecting all your other passwords!

Use multi-factor authentication (MFA) for extra security on your accounts. Many online accounts like banking, email and social media have adopted this practice. It works to verify your identity by adding an extra security measure, like texting your phone or asking for a code from an authentication app, in addition to your password.

Conclusion

Using a unique password for all your online accounts may seem like a lot of work at first, but it’s worth the effort to keep your information safe from cyber criminals. By using cyber security measures like password managers and MFA, you can protect your accounts from being compromised.

Here are some useful tips to for creating strong passwords and keeping your information secure.

Use a unique password for each of your important accounts (i.e. email and online banking). Do not use the same password across multiple accounts.
Your password should be at least 8 characters long. Password should consist of lowercase and uppercase letters, numbers and symbols. A long password will offer more protection than a short password if it is properly constructed.
Do not use personal information such as your name, age, date of birth, child’s name, pet’s name, or favorite color/song when constructing your password.
Avoid consecutive keyboard combinations (i.e. qwerty or asdfg).
Look around and make sure no one is watching while you enter your password. If somebody is, politely ask them to look away.
Always log off/sign out if you leave your device for the day – it just takes a few seconds to do and it’ll help ensure that no one uses your system for malicious purposes.
Avoid entering passwords on computers you don't control – they may have malicious software installed to purposely steal your password.
Avoid entering passwords when connected to unsecured Wi-Fi connections (like at an airport or coffee shop) – hackers can intercept your passwords and data over unsecured connections.
Never tell your password to anyone.
Change your passwords regularly and avoid using same password over and over again.
Never write down your passwords on a sticky paper and hide underneath your workstation or telephone. Somebody will find it.
Always select “never” when your Internet browser asks for your permission to remember your passwords.

We all have a responsibility to keep our information secure. These guidelines will help you avoid most of the pitfalls you may encounter along the way.

/en/internetsafety/introduction-to-internet-safety/content/

Creating strong passwords

You'll need to create a password to do just about everything on the Web, from checking your email to online banking. And while it's simpler to use a short, easy-to-remember password, this can also pose serious risks to your online security. To protect yourself and your information, you'll want to use passwords that are long, strong, and difficult for someone else to guess while still keeping them relatively easy for you to remember.

Watch the video below from Safety in Canada to learn more about creating a strong password.

At this point, you may be wondering, why do I even need a strong password anyway? The truth is that even though most websites are secure, there's always a small chance someone may try to access or steal your information. This is commonly known as hacking. A strong password is one of the best ways to defend your accounts and private information from hackers.

Tips for creating strong passwords

A strong password is one that's easy for you to remember but difficult for others to guess. Let's take a look at some of the most important things to consider when creating a password.

Never use personal information such as your name, birthday, user name, or email address. This type of information is often publicly available, which makes it easier for someone to guess your password.
Use a longer password. Your password should be at least six characters long, although for extra security it should be even longer.
Don't use the same password for each account. If someone discovers your password for one account, all of your other accounts will be vulnerable.
Try to include numbers, symbols, and both uppercase and lowercase letters.
Avoid using words that can be found in the dictionary. For example, swimming1 would be a weak password.
Random passwords are the strongest. If you're having trouble creating one, you can use a password generator instead.

Common password mistakes

Some of the most commonly used passwords are based on family names, hobbies, or just a simple pattern. While these types of passwords are easy to remember, they're also some of the least secure. Let's take a look at some of the most common password mistakes and how to fix them.

"I doubt anyone could guess my password! It's my kids' names and ages. Who else would know that?"

Problem: This password uses too much personal information, along with common words that could be found in the dictionary.

Solution: A stronger version of this password would use symbols, uppercase letters, and a more random order. And rather than using family names, we could combine a character from a movie with a type of food. For example, Chewbacca and pizza could become chEwbAccAp!ZZa.

"My password is so simple! It's just the beginning of my street address with a few extra characters."

Problem: At only five characters, this password is way too short. It also includes part of her address, which is publicly available information.

Solution: A stronger version of this password would be much longer, ideally more than 10 characters. We could also substitute a nearby street name instead of her current address. For example, Pemberly Ave could become p3MberLY%Av.

"My password follows a simple pattern, so it's easy to remember and type on my keyboard."

Problem: While patterns like this are easy to remember, they're also some of the first things a hacker might guess when attempting to access your account.

Solution: Remember that random passwords are much stronger than simple patterns. If you're having trouble creating a new password, try using a password generator instead. Here's an example of a generated password: #eV$pIg&qf.

If you use a password generator, you may also want to create a mnemonic device to make the password easier to remember. For example, H=jNp2# could be remembered as HARRY = jessica NORTH paris 2 #. This may still feel pretty random, but with a bit of practice it becomes relatively easy to memorize.

"I use the same passwords for all my accounts. This way, I only have to remember one password!"

Problem: There's nothing really wrong with this password, but remember that you should never use the same password with different accounts.

Solution: Create a unique password for each of your online accounts.

Using password managers

Instead of writing your passwords on paper where someone might find them, you can use a password manager to store them securely online. Password managers can remember and enter your password on different websites, which means you won't have to remember longer passwords. Examples of password managers include LastPass, 1Password, and Google Chrome's password manager.

"I use a password generator to create all of my passwords. They're not super easy to remember, but that's OK; I also use a password manager to keep track of them."

This is a great example of a strong password. It's strong, long, and difficult for someone else to guess. It uses more than 10 characters with letters (both uppercase and lowercase), numbers, and symbols, and includes no obvious personal information or common words. This password might even be a bit too complicated to remember without a password manager, which underscores why they're so helpful when creating a strong password.

Remember to use these tips whenever you create a password to keep your online information safe and secure.

/en/internetsafety/your-browsers-security-features/content/