Use strong passwordsMake sure your password is 'strong'. A strong password is hard to guess and difficult for a computer to crack. In addition to regular letters and numbers, a good password also consists of capital letters, punctuation marks, and special characters such as #@&%. You can also use a long sentence, known as a passphrase. These are easier to remember. The longer the sentence, the safer. An example of a good passphrase is: “The Great Red Bookcase Walks 17KM?”.
- Create a passphrase instead of a password. Choose a secret phrase that only you know. This is often easier to remember than a complex password. An example of this is: "Because I want to use the internet safely = this is my password!".
- The more characters, the better (minimum 12 is recommended).
- Use lowercase, uppercase, numbers, special characters, and spaces.
- Never use obvious words or sequences, such as the name of your partner or children, or most common passwords such as 12345, qwerty, or welcome01.
- Do not create a password that is similar to one of your other passwords. If your old password is "BunnyRabbit12", do not create a new password that is very similar, for example "BunnyRabbit34". This is easy to guess, and therefore not strong enough. So, think of something completely different.
- Use a password manager. This means you only have to remember a single, strong password or passphrase and all your other passwords will be stored securely.
- Choose words that are not on password blacklists (such as ‘password’ or ‘admin’).
- Make sure the password or passphrase does not contain any personal information (for example, your child's date of birth or your partner's name).
- Do not use a company name or an abbreviation in your password.
- Do not use passwords that correspond to easy-to-guess formats such as calendar dates, licence plates, or phone numbers.
Safe handling of your passwordsImproper use of a password can result in others gaining access to your personal or business information. Of course, you do not want the competition to copy your customer and financial data, or for a cybercriminal to steal your company data and thereby commit identity theft (in Dutch).
- Do not give your password to anyone. Not even if a company asks for it.
- Do not let anyone watch you type your password.
- Use different passwords for different services.
- Change your passwords if you suspect they are known somewhere. For example, if a website of a service you use has been hacked.
- Do not leave your password lying around your computer, on your desk, or on your calendar. Never put a password in an email.
- Do not store your passwords unsecured on your computer. Encrypt the file or use a password manager.
- Generate all passwords with the password generator of your password manager.
- There is nothing wrong with writing down your password manager’s password and hiding it somewhere at home. Just do not write what it’s for. You know that yourself.
- Do not save passwords in the browser.
- Make sure you have a well-secured computer, smartphone, or tablet by providing it with the latest updates.
Use a password managerCreate different passwords for different services and devices. This way, if your password becomes known, you avoid all your accounts suddenly being accessible. A password manager can manage your passwords securely and centrally for you. Many password managers generate strong passwords for you themselves. This makes it easy for you, as you do not have to create and remember them yourself.
Password managers: digital safe for your login detailsA password manager is a useful tool for creating secure passwords and remembering them for you. It is a digital vault that keeps all your login details safe for you. To open this vault, use one master password or an easy-to-remember passphrase. The advantage is that you only have to remember this password or passphrase. In addition to storing passwords, a password manager can also create secure passwords for you. These passwords are long and consist of a combination of (capital) letters, numbers, and special characters. Some password managers also offer the option to securely store other data, such as notes, address information, email addresses, software licences, and payment information. In many cases, password managers are available as applications for your mobile phone, computer, and web browser.
Securing your password manager
Because a password manager is a vault that contains all your passwords and potentially other important data, it is important that you use a strong and unique master password/passphrase to protect your password manager. Make sure that you remember this password well, write it down (without indicating what it is), and store it safely. Read more tips about strong passwords (in Dutch).
If the master password is lost, you must prove that you are the owner of the vault by, for example, confirming your identity or using a backup email address or recovery function. If this does not work, in some cases you will even be completely excluded from your vault. In addition to using your master password, many password managers also allow you to use two-step verification (in Dutch). Then you do not only use the master password for logging in, but also a login code via, for example, your mobile phone. Or your fingerprint. With two-step verification, or the newer two-factor authentication, you can secure the security of your business applications.