Are you reusing the same old password for all your online accounts?
You’re not alone: most people rotate between the same couple of passwords for years. But this habit puts your personal information and your business at huge risk.
Reusing the same password means that if someone gets your password from one account, the same credentials could be used to access your other online accounts, like your email, social media, or online banking.
To be clear, we’re not just talking about a hacker making a guess at your password using personal information such as your birth date or trying the world’s 25 most common passwords.
We’re also talking about artificial intelligence (AI) becoming increasingly better at guessing passwords:
“The strongest password guessing programs, John the Ripper and hashCat, use several techniques. One is simple brute force, in which they randomly try lots of combinations of characters until they get the right one. But other approaches involve extrapolating from previously leaked passwords and probability methods to guess each character in a password based on what came before.”
Using AI, someone could target millions of accounts at the same time, including yours or your employees’.
The good news is that you can protect yourself and your business from human or robotic hackers by taking two simple steps to secure your passwords:
- Use a password manager
- Set up two-factor authentication (2FA) when possible
The even better news is that this will actually make it easier for you to manage your business accounts.
What are password managers
Many experts advise you to change all of your passwords every 3-6 months. The problem with this advice is that it’s a huge hassle, it’s easy to forget to change the password on some lesser-used accounts, and most people will simply replace one easy-to-hack password with another, defeating the whole purpose.
The solution is to use a password manager.
A password manager provides a secure, virtual vault in which all of your login credentials are saved for when you need to access them.
The beauty of it is that it does all of the work for you – instantly creating and storing passwords so complicated and idiosyncratic that even you won’t be able to remember them. All of this information is locked by a PBKDF2-guarded “master password”, which is the only password you need to remember.
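To make the "PBKDF2-guarded master password" idea concrete, here is an added sketch (not code from 1Password or any other product) of a vault that generates random per-site passwords and only unlocks when the PBKDF2-derived key matches. The iteration count, salt size, header layout and function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import string

ITERATIONS = 200_000  # assumed work factor; each guess costs this many hashes
ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*-_=+"

def generate_password(length=24):
    """Random per-site password drawn from the OS CSPRNG."""
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        # Retry until lower-case, upper-case and digit characters all appear.
        if (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
                and any(c.isdigit() for c in pw)):
            return pw

def derive_key(master_password, salt, iterations=ITERATIONS):
    """Stretch the master password into a 32-byte vault key with PBKDF2."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"),
                               salt, iterations, dklen=32)

def create_header(master_password):
    """Store only salt, work factor and a key check, never the password."""
    salt = secrets.token_bytes(16)  # unique salt defeats precomputed tables
    key = derive_key(master_password, salt)
    check = hmac.new(key, b"vault-check", hashlib.sha256).digest()
    return {"salt": salt, "iterations": ITERATIONS, "check": check}

def unlock(master_password, header):
    """Return the vault key for the right master password, else None."""
    key = derive_key(master_password, header["salt"], header["iterations"])
    check = hmac.new(key, b"vault-check", hashlib.sha256).digest()
    return key if hmac.compare_digest(check, header["check"]) else None

if __name__ == "__main__":
    header = create_header("correct horse battery staple")  # constructed sample
    print("site password:", generate_password())
    print("right master unlocks:", unlock("correct horse battery staple", header) is not None)
    print("wrong master unlocks:", unlock("password123", header) is not None)
```

Because every guess at the master password has to repeat the full PBKDF2 computation, a stolen vault is far slower to attack than a plain hash of the same password.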
At Rewind, our favourite password manager and the one our entire team uses is 1Password. We recommend having a Team account for yourself and all your employees as well as an Individual or Family account for personal use.
How to get started with 1Password
- Check out Lifehacker’s Beginner’s Guide to 1Password
- If you’re a Rewind customer, we’re now happy to offer a 1Password Promo Code for 6 months of free use as part of your exclusive Rewind Rewards! You can find the promo code in your Rewind Rewards email. If you can’t find it, simply email us at firstname.lastname@example.org.
- To learn more about how the 1Password security model works, check out this Help Doc.
Why use Two-Factor Authentication (2FA)
Two-Factor Authentication (2FA), also known as two-step authentication, provides an extra layer of security on top of your password by requiring a second step of verification when you sign in to your accounts. It makes it practically impossible to hack your accounts even if someone somehow managed to get your password.
After enabling 2FA in your account, you’ll be asked to provide a unique, one-time code after signing in with your username and password. The code can be generated by an authenticator app or through SMS. It’s best to use the authenticator app option since it’s much more secure.
- You can use 1Password as an authenticator
- Or download the Google Authenticator app for free in the Apple App Store or Google Play App Store.
The most important accounts where you should enable 2FA are your email account and online banking. If someone gains access to your email account, they could request password resets for your other online accounts that are linked to your email.
Here are instructions on how to set up Two-Factor Authentication in some of the most common online accounts for running your business:
- Shopify: Instructions in help centre
  - Bonus Tip: Learn how to back up your Shopify account
- QuickBooks Online: Instructions in Intuit Community
- Facebook: Facebook settings
- Instagram: Instructions in help centre
- Twitter: Twitter settings
- Snapchat: Instructions in help centre
- Apple ID: Instructions in help centre
- PayPal: Called PayPal Security Key card, instructions in help centre
- WordPress: Instructions in help centre
- Dropbox: Instructions in help centre
Protect your business with secure passwords
Using a password manager with two-factor authentication when possible will ensure that you’re building your business on top of a strong foundation. Like any good habit, it takes a bit of time and effort to build it into your routine. But once you and your employees get used to this new way of managing your passwords, you will never go back to the old way.