How to Secure and Protect Your Password

A few days ago, I shared with you ways through which you left your password exposed or vulnerable. Today, I will try to describe measures you can take to secure and protect your password. In Kenya, however, passwords seem secondary to PINs (Personal Identification Numbers). We need a PIN number for basically almost all our applications and transactions. PINs, thus, become data assets, and just like passwords they need to be secured. So, how do I make sure that my password is protected?

Choose Strong Passwords

I will begin with the most obvious approach, setting a strong password. A strong password makes it difficult [but not impossible] for anyone to guess it. Therefore, a strong password alone is not sufficient to secure your cyber space. Do not use your favorite teams, colors, birthdays or anything that can be easily associated with you as your password. For those using Google Chrome, you can use the inbuilt password generator for your passwords. As for other browsers, I am sure there are plugins and addons that can help you generate strong passwords.


Before I forget, change your passwords regularly. Very important!

Unique Password for Each Account

If you read my previous post then you must know that I was compromised because I used one password for multiple accounts. If you are doing this, PLEASE STOP IMMEDIATELY. Make sure that for each account you have (Facebook, Twitter, LinkedIn, Instagram etc.), use a unique password.

Use Incognito or Private Browsing on Public Computers

Many of us still access major internet-based services from a cyber-café, office, or other publicly accessible facility. If this describes you, it would be painless to use the incognito mode in the browsers. Google Chrome, Mozilla and other major browsers have this functionality. The advantages of using incognito mode over the standard browser is that passwords are not saved on the browser, internet history, searches and cookies will be deleted once you exit, among many other reasons.

Verify Links before Entering your Password

If you happen to receive an email asking you to change your Facebook Password, for instance, verify the link from the browser address before entering your details. Sometimes Facebook, or any other account, can send you a genuine request to change your password. Make sure that you are on that account’s official sign in page by checking the url address. Furthermore, avoid clicking links sent to your spam folder (not all though, tricky…I know) or through personal messaging or chats in your social network from people you do not know. This will help reduce cases of phishing.

If available, Use Two-Factor Authentication

If your online account has the provision to set up two-factor authentication, grab that option as quickly as you can. Two-factor authentication adds a second layer of security over your account. Most banking services have this option. With this service, once you log in, you may be required to enter a code sent to your email address or phone number in order to access your account. Two-factor authentication ensures that even when your password is stolen, the hacker may need access to your email or phone to gain access your account. See how important and useful this is?

Keep your antivirus Updated

When your antivirus software is active and updated, you will be safe from malware that may try to install keyloggers. Moreover, some antivirus software, such as Avast, have a browser plugin that will notify you when you are about to visit a potentially harmful website. Antiviruses, a topic for another day, are underappreciated. So, always ensure that your device is under the protection of an active and an up-to-date antivirus software. If I were to sum up my article, I would say invest in a good antivirus software. The experience would be life-changing.

In conclusion, the safety of your password is your sole responsibility. You not only need to understand how to secure and protect your password, but also need to effect the recommendations made. I know some of you feel that you have nothing to lose when your Facebook or Twitter account is compromised. Well, maybe you are right. Maybe it will not be such a big deal when your compromised account is used to post criminal information (say a murder, send out phishing emails) and so on. Maybe all is vanity, right?

Jones Baraza is the founder of Swift Intellect, a software and Cyber Security firm based in Nairobi, Kenya. He is also the founder and project manager for IsVipi OSSN, an open source social networking software with over 1 million downloads. He is passionate about tech and security. You can follow him on Twitter @JonesBaraza