- Password Length and Passphrase
Your password should be over six characters long: a six-letter password can be cracked in less than 15 minutes, depending on the targeted system.
Think “passphrase,” not “password.”
- No Password Patterns
Stop trying to remember all your passwords! Some people try to use memory tricks like ciphers and site name integration, but this can still be insecure if someone figures out your patterns.
- Storing Passwords
Never, ever store all of your passwords in a plaintext file, in any location, anywhere, ever.
- Security Questions
Choose security questions that are unique and unsearchable. And stop taking quizzes that ask for your personal history (where you went to elementary school, the make of your first car, etc.) and then posting the results on social media for the entire world to see.
- Password Manager
Use a password manager like 1Password or KeePass (KeePass is open source).
- Use Multifactor Authentication
Multifactor authentication requires the person who wants access to an account to verify their identity in more than one way, such as via mobile text.
- Multifactor Hard Mode: YubiKeys
Small USB dongles that are similar to a personal smart card. They allow you to “unlock” and access your online account with several providers including Google, Dreamhost, LastPass, etc.
- Physical Access: Wipe Data Securely and Remotely
Being able to revoke permissions and passwords is useful if a device that uses them becomes lost or stolen. Apple’s iPhone, Android, Windows Phone and BlackBerry allow you to wipe your phone remotely.
Thanks to the team at https://www.crashoverridenetwork.com/ for compiling many of the above resources.