LOS ANGELES (CBSNewYork) — One of the best ways to protect your digital information is to have a secure password, but it can be difficult to remember a complicated set of letters, numbers and characters.
CBS2’s Danielle Nottingham shows us how to make it easier.
For most of us, passwords are a pain.
Nottingham took to the streets recently to find out how seriously everyday Americans take their passwords.
“No, I don’t. I do not have a good password. I’ve had the same three passwords for the past 10 years,” a woman named Emily said.
It’s a common problem.
A report from Splash Data last year found the two most popular passwords were “password” and “1-2-3-4-5-6.”
Nottingham: “You’re not going to do like 1, 2, 3, 4, 5?”
Emily: “No, no, I might do 6, 7, 8.”
We went to Google to find out how they handle passwords.
“Google has gotten rid of some of the things that are still thought of as best practices elsewhere, like forcing you to rotate your password every few months,” said Mark Risher, the company’s director of product management.
Risher said you should come up with unique and complicated passwords.
“The best advice for passwords is to actually use a different one at every site,” Risher said.
Instead of putting capital letters at the beginning and numbers at the end, mix it up to make it harder for hackers to guess.
Shane Brady came up with his own unique system after having his identity stolen.
“I have insane passwords that no one would ever crack,” Brady said. “So I make acronyms and I throw numbers of hockey players into my passwords, mix up letters and numbers.”
But it can be hard to keep track of that so Risher recommends a password manager that can remember them for you. It’s also a good to set up two-tier authentication, which usually involves a text or app. A code is sent to your device and you type it in as an extra security step.
“That’s probably the best way your viewers can protect themselves is by adding that second factor,” Risher said.
If you want to go a step further, you can also purchase a security key. When you try to log into a site your phone or computer detects the device and with a tap you can confirm it’s you and not a hacker trying to log in.