(CBS) — Hackers compromise log-in passwords time and time again. Our passwords are our first line of defense, but most of us know little about what makes a strong password. CBS 2’s Lionel Moise reports on steps we can take to make our passwords un-hackable.
Paul Petefish, CEO of Evolve Security Academy said a simple password could be a big problem because it guards our money, our savings accounts, our checking accounts and our credit accounts.READ MORE: Illinois To Offer COVID-19 Vaccinations To Everyone 16 And Older
He recommended using a different password for every account and said longer passwords are safer.
“If you have a five character password you have about 11 million combinations,” said Petefish. “But if you just add an extra character and make it a six character password you have now over 300 million combinations.”
Often a computer is trying to figure out the right combination so Petefish also recommends having a password with 10 to 12 characters.READ MORE: Chicago Weather: Dry Sunday Morning With Isolated Showers Late In The Day
Lujo Bauer, PhD. is an associate research professor in CyLab at Carnegie Mellon University. He suggests using a password manager app which essentially remembers your log-in information for you and sometimes automatically inputs the password.
There are many password manager apps available and most are free. In password manager apps, passwords are encrypted for storage so if a hacker gets in they only find gibberish.
Petefish also urges paying close attention to your email account log-in because it is the gateway to other accounts. If your email password is compromised, a hacker can gain access to linked accounts and reset the passwords on all of them.
To counter that, some accounts offer a second or third method to authenticate who’s really logging in. For example, the service may send a text message as authentication or require an extra pin.MORE NEWS: Chicago Weather: Rain Tapers Saturday Night, But More Scattered Showers Sunday
If you use unusual characters or capital letters in your password – mix them up inside the phrase. And, if an app or website asks if you want it to save or remember your password, don’t do it.