Email accounts, e-commerce sites, administrative services… Many sites require you to create an account and protect it with a password, and many Internet users reuse the same password on every site so as not to forget it. Be careful! This practice is risky and can allow hackers to access all your information and misuse your identity or your bank account. Here are all our tips for creating a secure password.
What are the risks?
If one of the sites where you have an account suffers a data leak that includes your login credentials, it will be easy for hackers to access your personal information. They may use your login and password to connect to your other accounts. Be very careful, especially with accounts that contain sensitive data (social networks, mailbox).
For example, a hacker who controls access to your Internet accounts could:
take over your mailbox to trap your contacts;
use your bank details for fraudulent purchases;
ask for a ransom if he finds compromising data in your mailbox.
Rule 1: 12 characters
A secure password must be at least 12 characters long. It may be shorter if the account offers additional security features such as locking the account after several failed attempts, a character or image recognition test (“captcha”), the need to enter additional information communicated by a means other than the Internet (for example, an administrative identifier sent by La Poste), etc.
Rule 2: numbers, letters, special characters
Your password must contain four different types of characters: uppercase letters, lowercase letters, numbers, and punctuation marks or special characters (€, #…).
Rule 3: an anonymous password
Your password must be anonymous, meaning it must not be built from personal information: it is very risky to use a password containing your date of birth, your dog’s name, etc., as it would be easily guessed.
Rule 4: Double authentication
Some sites offer to inform you by email or phone if someone connects to your account from a new terminal. This allows you to accept or reject the connection. Feel free to use this option.
Rule 5: Password renewal
On sites where you have stored sensitive data, remember to change your password regularly: every three months seems to be a reasonable frequency.
How to remember your password?
It is very important to use a different password for each account. You must therefore create several passwords, and writing them in a text file, in your smartphone’s notes or in the cloud is out of the question, because they could be easily accessed there. So how do you remember them? There are two options available to you.
Create a password from a sentence
The CNIL has set up a password generator that allows you to create your password from a sentence. All you have to do is remember the sentence and use the initials of the sentence to create your password.
Example: The sentence “I create a super secure password! More than 12 characters and 4 different types!” allows you to create the password “Jcumdpss!Pd12ce4td!” (the initials are taken from the sentence in its original French).
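The sentence method and Rules 1 to 3 can be combined in a short script. This is an added example, not the CNIL generator's code: the derivation rule (first letter of each word, numbers kept whole, trailing punctuation kept) and the function names are assumptions, and the weak password at the end is constructed.

```python
import string

MIN_LENGTH = 12  # Rule 1 baseline; the page allows shorter only with extra protections

# Sentence taken from the page's example (English wording).
SENTENCE = "I create a super secure password! More than 12 characters and 4 different types!"


def password_from_sentence(sentence):
    """Assumed rule: first letter of each word, numbers whole, trailing punctuation kept."""
    parts = []
    for word in sentence.split():
        core = word.strip(string.punctuation)
        trailing = word[len(word.rstrip(string.punctuation)):]
        if core.isdigit():
            parts.append(core)      # keep numbers such as "12" in full
        elif core:
            parts.append(core[0])   # keep the initial with its original case
        parts.append(trailing)      # keep "!" and similar marks
    return "".join(parts)


def check_password(password, personal_terms=()):
    """Return the rules from the page that the password fails (empty list = passes)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("rule 1: fewer than 12 characters")
    classes = {
        "uppercase": any(c.isupper() for c in password),
        "lowercase": any(c.islower() for c in password),
        "digit": any(c.isdigit() for c in password),
        "special": any(not c.isalnum() and not c.isspace() for c in password),
    }
    missing = [name for name, present in classes.items() if not present]
    if missing:
        problems.append("rule 2: missing " + ", ".join(missing))
    lowered = password.lower()
    # Rule 3: the caller supplies personal details (names, dates) to look for.
    if any(term and term.lower() in lowered for term in personal_terms):
        problems.append("rule 3: contains a personal detail")
    return problems


if __name__ == "__main__":
    candidate = password_from_sentence(SENTENCE)
    print(candidate, check_password(candidate))
    # Constructed weak example: pet name plus birth year.
    print(check_password("Rex2015!", personal_terms=["Rex", "2015"]))
```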
Use a password manager
With an encrypted password manager, you will only need to remember one password to access all your accounts. Practical!