If the title of this post describes your password, you’re not alone. Are you surprised to learn that you’re not the first to come up with this method of password generation?
Don’t be. As a matter of fact, I fall into this demographic, too. I’ve come to realize it’s because human brains tend to think alike when it comes to a first thought.
The truth is that the internet and technology game has changed. With the advent of cryptocurrencies and a slew of new projects, businesses, and exchanges, security has become paramount. For those of you who still prefer to think of crypto as ‘magical internet money’, the fact is that pressure from the anti-money laundering act on all these cryptocurrency financial institutions has set in motion an entirely new model of security that EVERYONE needs to know and adopt.
We’re talking about the normal change that comes with technology, where a new standard has been created and now everyone has to jump on the adoption train. Kind of like the smartphone, you can either be an early adopter and stay ahead of the masses or a late adopter and most likely be taken advantage of because literally everyone else knows more than you. This isn’t one of those things you can be stubborn with. Even my brother fought the good fight in the ‘Retro-Analog Battle’ with his anti-smartphone swag. He was defeated when he could not order food at any restaurant because his Walgreens prepaid phone couldn’t scan QR code menus, and social pressure and public shaming did the rest.
Password Requirements Have Gone Too Far
I hate making new passwords. It is hard to meet all of the damn requirements. That’s why so many of my passwords start with a capital letter and include the number 1 and an exclamation point. And it’s why yours do, too. In the early internet days, people were making easy-to-guess passwords. As a solution, developers added requirements designed to make stronger passwords. First you needed uppercase and lowercase letters. Then you had to add a number. Then a special character. That didn’t solve the problem, so then they started making us change our passwords every 60 days. Then we couldn’t use any of our previous 10 passwords. And now there are limits to how many times we can repeat a character. It makes it really hard to come up with a new password every time–but that’s the point.
These requirements are necessary because hacking and identity theft are serious and frequent problems. Having your identity stolen is a nightmare.
So what simple things can you do to make yourself hack-proof?
Get a Password Manager
A password manager is the greatest investment you can make. I currently have 509 records in my Keeper Vault. It automatically detects passwords that have been exposed in known data breaches and gives you an opportunity to change the password for that website or app. Each record can easily be found with a quick search on the title you give it. It’s important to take the time to learn how to use it. The idea is that you only have to memorize one password, a ‘Master Password’, and add a second layer called 2-Factor Authentication (2FA), which we’ll go over next. This allows you to access “The Vault”, which stores all of your passwords, personal notes, treasure map, secret passphrases, seeds, backup codes, anything you want. Whenever you want to change or create a password, the manager will generate a random one so crazy that you can’t possibly memorize it–which means no one will be able to guess it, either. Think of it as a personal assistant that memorizes passwords for you so you don’t have to. This frees up thinking space in your brain and it is one less thing to worry about.
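To make the difference between "meets the requirements" and "hard to guess" concrete, here is an added example (not Keeper's code and not from the original post). It shows that a capital-letter-plus-1-plus-! password passes a typical policy check, and how a generator draws a random one instead. The function names, symbol set and policy are assumptions made for the illustration.

```python
import math
import re
import secrets
import string

# Assumed symbol set and policy for this illustration; real sites differ.
SYMBOLS = "!@#$%^&*?-_"
ALPHABET = string.ascii_letters + string.digits + SYMBOLS

# The habit the post describes: capitalised word, then digits, then one symbol.
HUMAN_PATTERN = re.compile(r"^[A-Z][a-z]+\d+[^A-Za-z0-9]$")

def meets_policy(pw: str, min_len: int = 8) -> bool:
    """Typical site rules: length, upper, lower, digit, special character."""
    return (len(pw) >= min_len
            and any(c.isupper() for c in pw)
            and any(c.islower() for c in pw)
            and any(c.isdigit() for c in pw)
            and any(c in SYMBOLS for c in pw))

def looks_human(pw: str) -> bool:
    """True when the password follows the predictable Word + number + symbol shape."""
    return bool(HUMAN_PATTERN.match(pw))

def random_bits(length: int) -> float:
    """Upper bound on entropy when every character is drawn uniformly at random."""
    return length * math.log2(len(ALPHABET))

def generate(length: int = 20) -> str:
    """Draw from the OS CSPRNG; redraw until the site policy is satisfied."""
    if length < 12:
        raise ValueError("use at least 12 characters")
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        # Redrawing trims the entropy slightly below random_bits(length).
        if meets_policy(pw) and not looks_human(pw):
            return pw

if __name__ == "__main__":
    sample = "Password1!"  # constructed sample of the habit described above
    print(sample, "policy:", meets_policy(sample), "predictable:", looks_human(sample))
    pw = generate()
    print(pw, "policy:", meets_policy(pw), "predictable:", looks_human(pw))
    print("approx. bits for 20 random characters:", round(random_bits(20), 1))
```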
I found a Keeper integration on the Google Chrome Web Store that is very useful. When you install it to your web browser, a small icon appears with the Keeper logo next to the address bar. If you do not see it, click on the icon that looks like a puzzle piece and click on the pin to make it appear on your browser. This type of integration is called a Chrome extension. It provides easy and instant access to your Keeper Vault records so you can search, copy, and paste a password all within a few clicks. The extension also contains a feature to automatically enter a password when visiting a specific site.
This new idea of not even knowing your own passwords is key because it creates a layer of security by not allowing you to think of an easy password. Everything is encrypted, and Keeper has a good reputation. It’s one of the only password managers that hasn’t been in the headlines for a major security breach. If you need to know how it all works, they have a robust library detailing their security protocols. If you don’t care how it works, just know they are overly fortified and don’t have access to your records either. It’s a big task to change all your passwords even with the password manager because it requires you to manually go into the settings in each website and app to change it to a Keeper-generated password. To ease the transition, a good place to focus is all your email accounts and any login that deals with money. You’ll feel that new clean feeling when it’s all secured using your Keeper-generated passwords and 2FA, which we’ll talk about now.
Use 2-Factor Authentication (2FA) On Everything
All accounts nowadays should have 2FA and you need to be using it. There are authenticator apps from Google, Authy, and Microsoft, and some companies run their own version. It’s intuitive to do and pretty straightforward. It creates a secret PIN that changes every 30 seconds like in those heist movies. When you log in to an account, you have to enter your 2FA code that is synchronized with that site. Good luck guessing a randomized PIN that changes every 30 seconds. So when you’re using Keeper’s randomized password with this 2FA, you have a nearly hack-proof situation. Now I’ve used all of these authenticators and like Twilio’s Authy the best because it offers synchronization with multiple devices like my MacBook and iPhone. This is a big deal because if you lose a device that has your Google Authenticator, you basically lose access to all your logins that require 2FA. With Authy, if I lose my phone, I’m not screwed because I still have my laptop. If I lose both, that’s why you need to be saving those weird backup codes you get when you activate 2FA while making an account somewhere. I save the backup codes where? On Keeper! Yay, it’s a symbiotic relationship. Like a password security system of checks and balances.
The alternative 2FA method is using a phone number and an SMS text message for codes. I advise caution with this because this is the easiest method for hackers to exploit. Like a professional conman, they are able to obtain some basic information about you and convince your cell phone carrier that you got a new phone. They move your phone number to their hacker phone and suddenly have access to all your text messages, including the 2FA codes that are received over SMS text. This is still better than nothing. As new security measures come out, there will always be shady people pondering ways to exploit others. By taking these precautions, you’ve put an enormous obstacle before them and they will move on to easier targets. Remember that no system is completely hack-proof. If you’ve been following along with our posts and applying the knowledge, then you will eventually have something worth stealing. Think of doing something today as laying the foundation for the security of your future wealth. All in all, these are the essentials of basic internet security and congratulations on updating your brain to the latest version of common sense.