(CBS) — Hackers compromise log-in passwords time and time again. Our passwords are our first line of defense, but most of us know little about what makes a strong password. CBS 2’s Lionel Moise reports on steps we can take to make our passwords un-hackable.
Paul Petefish, CEO of Evolve Security Academy said a simple password could be a big problem because it guards our money, our savings accounts, our checking accounts and our credit accounts.READ MORE: Investigation Underway After String Of Church Burglaries In Morgan Park
He recommended using a different password for every account and said longer passwords are safer.
“If you have a five character password you have about 11 million combinations,” said Petefish. “But if you just add an extra character and make it a six character password you have now over 300 million combinations.”
Often a computer is trying to figure out the right combination so Petefish also recommends having a password with 10 to 12 characters.READ MORE: Another Victim Of Serial Killer John Wayne Gacy Identified: Francis Wayne Alexander, Of North Carolina
Lujo Bauer, PhD. is an associate research professor in CyLab at Carnegie Mellon University. He suggests using a password manager app which essentially remembers your log-in information for you and sometimes automatically inputs the password.
There are many password manager apps available and most are free. In password manager apps, passwords are encrypted for storage so if a hacker gets in they only find gibberish.
Petefish also urges paying close attention to your email account log-in because it is the gateway to other accounts. If your email password is compromised, a hacker can gain access to linked accounts and reset the passwords on all of them.
To counter that, some accounts offer a second or third method to authenticate who’s really logging in. For example, the service may send a text message as authentication or require an extra pin.MORE NEWS: Teen Charged In Pair Of September 2020 Carjackings On South Side
If you use unusual characters or capital letters in your password – mix them up inside the phrase. And, if an app or website asks if you want it to save or remember your password, don’t do it.