Internet Security

Did you know that it only takes this much time for a hacker to crack our passwords? In this post, I'd like to share some tips on how can we protect our online accounts from getting hacked.

Use really long passwords

As you can see from the image above, the longer your password is, the longer it'll take for a hacker to crack it.

So if you're using Macbooks / Apple products, you can enable Keychain on iCloud, and allow Safari to suggest passwords for you. Safari will suggest passwords for your accounts, and it'll be saved on your iCloud. In this way, you don't need to memorize your passwords, but you will still be able to login to your other Apple devices as long as your iCloud is enabled since all your passwords will be synced.

Use really long passwords (24 characters if allowed in a website) with combinations of upper/lowercase, alphanumeric and symbols.

Use Password Manager

There's another way to get generated password stored in an account aside from iCloud Keychain. And that is by using a Password Manager. You only need to memorize your Master Password to be able to login to the password manager app. And if you need to create new accounts, use your Password Manager to generate a password for you, and save it.

If you're new to using Password Manager apps like me, always keep a copy of the generated password (paste it in a notepad app) until you have confirmed that you have successfully updated your password, you were able to logout and log back in with the new password, and confirm the same password you have in your copy vs. the one in your Password Manager. When you've done all that, delete the password in the notepad app, or wherever your pasted it to.

You can also save sensitive information in a Password Manager. In my case, I can save my credit card info since I don't really like saving this info in the browser, and some really important messages that I don't want anyone to have access to, example, cryptocurrency keys.

Enable Two-Factor Authentication (2FA)

- Via Text Message (OTP)

- Via Authenticator Apps like Google Authenticator

If ever someone managed to crack your password, there's another layer of protection through codes you get via text or from an authenticator app - as long as you don't give these codes to anyone. I keep a copy of my Google Authenticator QR code somewhere, so in case I lost the device that has the authenticator app, I can still import my codes to a new device, as long as I have that QR code.

Avoid getting locked out of your account

When using a Password Manager, it is very important to always remember the email and the master password so you can have access to all of your other accounts passwords.

And when using authenticator apps, always keep a copy of your exported QR code somewhere, just in case you will need to import it to another device. If you lose this QR code and you don't have the device where you installed the authenticator app, when you try to login to your account that requires a code from an authenticator app, you might not be able to access your account anymore.