DALLAS (KDAF) — The Federal Bureau of Investigation office in Dallas is encouraging the public to work on some new passwords in the new year to increase their cybersecurity.
The FBI says that January provides a perfect opportunity to make some changes to beef up your cybersecurity. “Consider making your password a passphrase. Length beats complexity when creating a strong passphrase.”
So, what do you need to know when updating your passwords into passphrases? The National Cybersecurity Alliance says while transitioning from passwords to passphrases can be inconvenient, it will help prevent people from accessing your personal information and strengthen the keys to your personal home online.
NCA: What to do with your passphrases
- Make your passphrase a sentence: A strong passphrase is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember and include numbers and special characters. On many sites, you can even use spaces.
- Unique account, unique passphrase: Having separate passphrases for every account helps to thwart cybercriminals. At a minimum, separate your work and personal accounts and make sure that your critical accounts have the strongest passphrases.
- Write it down and keep it safe: Everyone can forget a passphrase. Keep a list that’s stored in a safe, secure place away from your computer.
- Consider using a password manager: Password managers store login credentials so you don’t have to remember your unique passphrases for every site. Many will also generate strong passphrases for you.
NCA: The importance of multi-factor authentication
- Your usernames and passphrases are not enough to protect key accounts like email, banking and social media. Multi-factor authentication, also called two-factor authentication or MFA, is a security feature that allows you to use two types of credentials when logging in to an account.
- Multi-factor authentication can help fortify your online accounts by enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device.
- Over time, more websites will be adopting strong authentication. In some cases, the services may be available but are not required.
- Many email services offer strong authentication on an opt-in basis. Ask your financial institution, email provider and other online services if they offer strong authentication or additional ways to verify your identity.