The Best Way to Store Passwords So Hackers Can’t Steal Them
Published:
When it comes to online security, passwords matter.
According to Microsoft, there was a 74% increase in the number of password attacks in 2022—that’s almost 1,000 attacks every second.
You might think that it will never happen to you. But SpyCloud found that 721.5 million account login details had been shared by hackers on the dark web in 2023 alone.
The best way to store passwords securely is to use a good password manager tool like LastPass.
But there are also other things you can do to keep your passwords safe. These include using:
- Secure passwords
- Different passwords for each account
- Two-factor authentication
- Anti-spyware software
This article explains each of these in detail so that you can keep your passwords safe from cybercriminals.
Common Password Mistakes
In 2023, the average American is believed to have around 300 online accounts.
Remembering all of these passwords is tricky. As a result, people often use weak but easy-to-remember passwords like password1 or 123456.
According to Computerware, 10–20% of accounts use passwords like these. The problem is that Cybercriminals can easily crack these types of passwords.
Computerware conducted a study measuring what difference this makes to the average time it takes a cybercriminal to hack a password. This is what they found:
Another bad solution people use to deal with hundreds of accounts is to use one password for everything.
But if you do this and your password is compromised, cybercriminals will immediately try using it on other accounts. They could access your entire digital life in one go.
However, only around 35% of people use a different password for every account.
How Password Managers Work
To solve the problems above, some people store their passwords online—for example in a Google Doc—where it can be quickly accessed when they need it.
But if this document is hacked via your Google account, the cybercriminals will have access to all your accounts.
The best way to store passwords safely is to use a dedicated password manager. In fact, they solve several problems all at once by:
- Automatically generating strong passwords
- Allowing you to assign a unique password to each of your online accounts
- Remembering passwords for you
There are broadly two types of password managers: browser-based and app-based.
Both are good, but the best way to store passwords securely is to use an app-based manager.
Here’s why:
- They’re not limited to just one browser
- They’re generally more secure than browsers
- They offer more options for generating and customizing passwords
- Most offer a free plan
A great password manager that has both app-based and browser-based solutions is LastPass. Let’s look at some of its features:
Password vault
LastPass is built around the idea of a password vault. This is like an online safe where all your passwords are stored. But you can also use it to store and access other sensitive personal information too, like credit card details.
This allows you to have a different password for each website. You install a browser extension that autofills your password whenever you go to log in to a website. All you have to remember is a single master password for your vault.
Data breach monitoring
Another useful feature of password managers is the warning systems they offer. LastPass has a dark web monitoring system.
This service tells you if your details have been leaked. LastPass proactively sends you alerts of data breaches and prompts you to change the password on that account.
Digital wallet and autofill
Password managers often have digital wallets and autofill features that simplify your online life. You’ve probably already got these on your browser, but password managers tend to keep this information more secure.
Should I store my passwords on paper?
Some people think that if your passwords are stored online then they are automatically at risk. These people often write their passwords down on paper.
While this is more secure than storing them in an online document, cybercriminals can still use spyware to see your passwords when you enter them. In addition, members of your household could access your private accounts should they get hold of the piece of paper your passwords are written on.
Plus, writing passwords down is inefficient and you could easily lose them. A password manager app is as secure as paper but much more convenient.
Four Tips for Better Password Management
Whether you choose to use a password manager or not, there are things you can do to drastically reduce the chances of your passwords being stolen.
1. Use a secure password
The Computerware study mentioned earlier shows that passwords with more characters and a wider range of characters are stronger.
One way of creating a strong password is to use a password generator like this one from LastPass. This randomly creates a password for you and allows you to set how long it is and what character types it uses.
2. Use different passwords for each account
Never use the same password twice. Even passwords that have subtle differences can easily be cracked by hackers. So don’t simply use the same password with a different number at the end.
If you do use the same password across multiple accounts then it’s important to check if any of these accounts has been compromised in a data breach. You can do this without a password manager by visiting Haveibeenpwned.
This is a free website set up by a Microsoft security expert to help people find compromised passwords and assess whether their personal data has been involved in a data breach.
It also includes a password checker which you can use to see if your password(s) has been exposed.
3. Use two-factor authentication
Two-factor authentication (2FA) adds an extra layer of security to your online accounts. It requires users to provide two different forms of identification to verify access.
Typically, this involves entering a password and then receiving a unique code on a separate device, such as a smartphone, which must be entered to gain access.
This means that even if someone finds or cracks your password, they will still need the second authentication method to access your account.
Today, password managers and many major websites encourage you to set up 2FA. Some of the best apps to manage your 2FA codes are:
If the website you’re creating an account with doesn’t support 2FA then ensure you use a very strong password. LastPass can help generate and remember complex passwords for you.
4. Use anti-spyware software
Spyware is one of the main ways cybercriminals steal your passwords.
Victims are often tricked into clicking an innocent-looking link or downloading a file. Usually, these are delivered via emails or other digital messages and appear legitimate.
However, when you click on them, they download spyware onto your device. Once this happens, the cybercriminal can monitor your activity, which may enable them to steal your passwords.
The best way to avoid this from happening is to use anti-spyware software like Certo AntiSpy for iPhone or Certo Mobile Security for Android.
These will scan your phone for spyware and tracking apps and help you remove them. Plus, they also allow you to control which of your apps can access things like your camera, microphone, and location.
Keep Your Online Life Secure
Hackers are becoming increasingly sophisticated and the number of cyber attacks is increasing all the time.
Using the techniques listed in this article massively reduces the chances of having your password stolen for a simple reason—hackers are lazy.
They won’t spend time trying to crack accounts that are well-protected when there are plenty of people out there with weak, poorly-stored passwords.
By just having basic security measures in place, you’ll immediately deter most cyberattacks.