Password Security 101: How to manage passwords and keep hackers at bay

“The world isn’t run by weapons anymore, or energy, or money, it’s run by little ones and zeroes, little bits of data”

Sneakers, 1992.

This movie dialogue came out in 1992, but it perfectly suits our present world. Sneakers captured some of the darker areas of the web and shed light on cyber security, data protection, and cyber espionage. In 2017, the potential for privacy concerns is huge, and we have real-life examples of information security gone wrong: cyber attacks, data breaches, and government agencies accessing users’ personal data without permission. After incidents like last month’s Instagram data theft, which exposed personal data from celebrities and ordinary users alike, anyone could start to feel a bit paranoid about online security.

But all it really takes to protect our data from cyber criminals, malicious insiders, government, and foreign spies is to make our passwords hard to crack and to adopt a few basic security practices:

  • Store passwords in a centralized encrypted vault
  • Identify weak passwords
  • Replace weak passwords with strong ones
  • Use secure methods for sharing passwords
  • Change passwords after a data breach

1. Store passwords in a centralized encrypted vault

It is very common for people to write down their passwords on sticky notes or keep them in spreadsheets. But this is both hard to keep organized and highly insecure. To protect your accounts and confidential data, you should always keep your passwords in a centralized repository locked with a master key that only you know.

In a centralized repository, your passwords and other confidential data are stored in an encrypted format and can only be locked or unlocked with the private key. Even if the encrypted data gets into the hands of malicious users, it cannot be read in plain text without the master key.

2. Identify weak passwords 

Storing your passwords in a centralized encrypted vault is just the first step. Next, you need to discover which of your passwords are weak. A weak password is something that:

  • Has fewer than 12 characters
  • Contains repeated letters, numbers, or other characters
  • Contains part of your username
  • You have already used in the past
  • Has been reused for other accounts
  • Contains easy-to-guess dictionary words
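
The checklist above can be run over an exported vault. The following is an added example, not code from Zoho Vault or from the original post. The entry fields, the word list, the three-in-a-row repeat threshold, the four-character username window, and the substitution table are all assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed mini word list; a real audit would load a full dictionary file.
WORDS = {"password", "welcome", "dragon", "sunshine", "letmein"}
# Assumption: undo common character substitutions before the dictionary check.
LEET = str.maketrans("0134578@$", "oieastbas")

def username_parts(username, size=4):
    """Lower-cased 4-character windows of the username (whole name if short)."""
    u = username.lower()
    if len(u) <= size:
        return {u} if len(u) >= 3 else set()
    return {u[i:i + size] for i in range(len(u) - size + 1)}

def audit_vault(entries, words=WORDS):
    """Map account name -> weak-password criteria matched; strong entries omitted."""
    uses = Counter(e["password"] for e in entries)
    report = {}
    for e in entries:
        pw, low, found = e["password"], e["password"].lower(), []
        if len(pw) < 12:
            found.append("fewer than 12 characters")
        if re.search(r"(.)\1\1", pw):  # assumption: 3+ identical in a row
            found.append("repeated characters")
        if any(part in low for part in username_parts(e["username"])):
            found.append("contains part of username")
        if pw in e.get("history", ()):  # current password seen among earlier ones
            found.append("already used in the past")
        if uses[pw] > 1:
            found.append("reused for other accounts")
        if any(w in low.translate(LEET) for w in words):
            found.append("contains dictionary word")
        if found:
            report[e["account"]] = found
    return report

# Constructed sample vault entries (not real credentials).
SAMPLE = [
    {"account": "mail", "username": "jsmith", "password": "jsmith2017!"},
    {"account": "bank", "username": "jane.s", "password": "P@ssw0rd2017"},
    {"account": "shop", "username": "jane.s", "password": "P@ssw0rd2017"},
    {"account": "forum", "username": "jane", "password": "Qx7!mmmLp2#vRt9z",
     "history": ["Qx7!mmmLp2#vRt9z"]},
    {"account": "vpn", "username": "jane", "password": "v9#Lq2!xTz7&Rm4w"},
]

if __name__ == "__main__":
    for account, found in audit_vault(SAMPLE).items():
        print(f"{account}: {', '.join(found)}")
```

Run it only against a local, decrypted copy of your own vault, and discard that copy afterwards.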

3. Replace weak passwords with strong ones

Once you are done compiling the list of your weak passwords, you need to replace them with strong and unique ones for each account. This step can be tiring and frustrating, but it’s essential if you want to strengthen the security of your online accounts. It is highly recommended to turn on two-factor authentication for all your online accounts for an additional layer of security.

4. Share passwords securely with friends, family, and co-workers

Never share passwords via telephone, email, or shared spreadsheets. Take advantage of automated tools to share passwords with fine-grained access permissions and clear accountability. You should always be able to tell who accessed what password and when.

5. Change passwords after a data breach

Security experts often advise us to change our passwords after a data breach. Set an alert for a term like ‘data breach, hacked’ on Google Alerts, or use websites like or to get the latest updates on data breaches and hacking incidents. If one of the services you are using gets compromised or hacked, change your password for that service immediately to ensure data security.

Put together, these five simple security best practices can help ensure the security of your online accounts and keep hackers at bay. Whether you’re an individual or a business, manually implementing password management best practices is a cumbersome and time-consuming prospect. But you can easily adopt all these security practices and more with the help of a password manager like Zoho Vault. Try Zoho Vault now.

About Zoho Vault

Zoho Vault is an online password manager for individuals and teams. It helps you securely manage your personal and enterprise passwords. The Personal Edition is free forever and supports one user. The Standard Edition starts at $1 per user/month, the Professional Edition costs $4 per user/month, and the Enterprise Edition costs $7 per user/month. For more information about the features and editions available, please visit

