Managing your passwords — The right, secure and easy way

Signing up for a new service can be a cumbersome experience because of the requirements set for creating a strong password. Having yet another password to remember is something most of us don’t like to deal with, so we tend to reuse our passwords.

Unfortunately, password reuse is one of the main reasons behind people getting their accounts hacked these days. A lot of people reuse personal passwords for work accounts and vice versa, making it easier for attackers, as these passwords are usually very weak and easy to guess.

A little bit about passwords

Think of a password as the key that unlocks the door to your room. In this case, the room is the account you are trying to log into. The security of your room is only as strong as the key used to unlock the door.

There seems to be a general misconception about what constitutes a strong password. When it comes to passwords, complexity is important. Take a quick look at the XKCD comic strip below.

XKCD: Password strength

This comic says that a password such as “Tr0ub4dor&3” is bad because it is easy for password cracking software to guess and hard for humans to remember, leading to insecure practices like writing the password down on a post-it attached to the monitor. On the other hand, a password such as “correct horse battery staple” is hard for computers to guess because it has more entropy, yet quite easy for humans to remember, as explained on this page.

Let’s quickly compare two passwords, kUE3gbRQ112 and edgy-outbound-earwig, generated by Bitwarden’s online password generation tool, in the screenshots below.

Password: kUE3gbRQ112

Password: edgy-outbound-earwig

It is important to note that “kUE3gbRQ112”, the kind of password you might make when instructed to create a strong one, is more complex for you, the human, and so difficult to remember, yet it could be cracked in 4 months. By contrast, “edgy-outbound-earwig” is easier to remember and would take centuries to crack.

You can test your password strength using this free online tool by Bitwarden.

Creating and managing your passwords with ease

Imagine a world where all you need to remember is a single password to protect all your accounts and still have them secure. Well guess what, this has been made possible with password managers.

A password manager sounds scary to most, but it really is a simple concept. Password managers are like key holders, which help bind different keys together in a safe and secure manner. A key holder gives you easy access to all your keys in one place; that’s the concept behind a password manager.

With a password manager, all you need to know is a single password (the master password) which, together with a 2FA application (more on this later), unlocks the vault, and you’re good to go.

At this point you must be thinking “Is this guy crazy? What happens should my master password get leaked?”. This is where 2FA comes in.

2FA is short for two-factor authentication, which serves as an additional layer of security to help protect your account. There are different forms of 2FA, such as hardware tokens, SMS and voice-based tokens, software tokens etc. This article goes into more detail about 2FA.

The most common 2FA solution is a software token which can be downloaded for free. Examples of this are Authy, Google Authenticator, Microsoft Authenticator, Raivo OTP, Aegis etc.

Here are some quick tips to help secure your accounts

Get a password manager

I have tried password managers such as LastPass, 1Password, Dashlane and iOS Keychain. The password manager I currently make use of and highly recommend is Bitwarden.

Bitwarden is free, open source (available for audit), cross-platform (available for desktop, all browsers, Android and iOS) and you can import your previous passwords from other password managers and browsers with ease. You can sign up for Bitwarden at their site as well as create a strong master password using their free online tool.

Do note that Cyberverdict is in no way affiliated with Bitwarden.

Get a 2FA application

A 2FA application will provide an additional layer of security for your password manager and other accounts. This protects your accounts should your passwords get leaked from phishing campaigns, malware, insecure websites etc. Always enable 2FA on every account that supports it.

I recommend Aegis Authenticator for Android and Raivo OTP for iOS/iPadOS/macOS.

Proactively monitor your accounts

Make sure to visit Have I Been Pwned at least once or twice a month to check if your email, username or password has leaked somewhere. Also do this in the event of a major breach so you can respond by changing your passwords immediately.
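The password check can also be done without revealing the password to the service, shown here as an added example that is not part of the original article. It uses the k-anonymity model of the service's Pwned Passwords range API: only the first five characters of the SHA-1 hash are sent, and the match is done locally. The demo password, the response body and its counts are constructed so the example runs offline; the function names are this example's own.

```python
import hashlib
import urllib.request

RANGE_URL = "https://api.pwnedpasswords.com/range/"  # Pwned Passwords range API


def split_hash(password: str):
    """Return (5-char prefix, 35-char suffix) of the uppercase SHA-1 hex digest."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def fetch_range(prefix: str) -> str:
    """Network call (not used by the offline demo): only the prefix is sent."""
    req = urllib.request.Request(RANGE_URL + prefix,
                                 headers={"Add-Padding": "true",
                                          "User-Agent": "pwned-check-example"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("ascii")


def breach_count(password: str, range_body: str) -> int:
    """Match the suffix locally against 'SUFFIX:COUNT' lines; 0 if absent."""
    _, suffix = split_hash(password)
    for line in range_body.splitlines():
        candidate, sep, count = line.strip().partition(":")
        if sep and candidate.upper() == suffix and count.isdigit():
            return int(count)
    return 0


# Constructed demo data: a made-up password and a made-up response body.
DEMO_PASSWORD = "Summer2019!"
DEMO_BODY = "\r\n".join([
    "A" * 35 + ":3",                              # unrelated entry
    split_hash(DEMO_PASSWORD)[1] + ":1042",       # our password, made-up count
    "B" * 35 + ":0",                              # padding entry (count 0)
])

if __name__ == "__main__":
    prefix, _ = split_hash(DEMO_PASSWORD)
    print("sent to the service:", prefix)
    print("times seen in breaches:", breach_count(DEMO_PASSWORD, DEMO_BODY))
```

For a live check, pass `fetch_range(split_hash(pw)[0])` as the second argument to `breach_count`; any count above zero means the password should be changed everywhere it is used.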

Practice good password hygiene

Lastly, avoid reusing your passwords or writing them in notes unless they’re stored in a secure vault. Always ignore prompts to save passwords in web browsers, as they are usually vulnerable to common attacks and exploits which expose your credentials.

Wrapping up

Managing your passwords and accounts does not have to be such a difficult task, which is why password managers were developed. Besides making our lives easier, they also help secure our accounts against hackers. A follow-up article will be released shortly to get you started with setting up both your password manager and 2FA application.

Hope this article helps you get started with securing your accounts better. If you have any queries, feedback or suggestions, please leave your thoughts in the comment section below.

Olusegun Omojokun

6 Responses

  1. An awesome take on a very good topic.

    But, what do you think about using the password manager that comes by default with your web browser?

    Apart from most of them suggesting hard to remember, easy to crack passwords, they seem to be a better choice than a third-party extension or application.

    What do you say? Maybe you discuss this in part 2?

    1. Thanks for the feedback.

      With regards to using the inbuilt web browser’s password manager, it’s convenient but not recommended as it’s poor password hygiene.

      Browsers are prone to serious vulnerabilities which could go on for months without getting patched. A good example of this is a recent bug in Apple’s Safari web browser which could leak your sensitive personal information.

      A password manager, as the name implies, is a dedicated solution for managing passwords that undergoes a series of audits and reviews to maintain the integrity of the solution.

      Should there be a vulnerability in a password manager, it gets fixed quicker than web browsers.

      Another benefit to having a good password manager is that it’s platform agnostic, meaning you can use it anywhere unrestricted and export your credentials as well for backup.

      Please don’t fall into the habit of saving your password in browsers. You can also disable this option in the settings so you don’t accidentally save them.
