Why I am a password champion (and you should be, too)

In 2016, I got the worst gut-wrenching Twitter direct message: “I think your account’s been hacked.”

Sure enough. I’d been hacked. And it was due to my own laziness – I had the same password for EVERYTHING. And that password had been hacked.

Thankfully, I was with my software engineer friend who taught me how to create a stronger password that I could remember (and have different ones for different websites). I spent the next 24 hours changing passwords. 75 that first day. Many more since.

This week, a friend reached out because they’d been kicked out of Facebook. Their personal account was taken over by hackers, then those jackwagons took control of my friend’s business account. And ad account.

It happened fast, while my friend was asleep. The hacker got into the personal Facebook profile, changed the email and phone number associated with that account. Then, the hackers took over the business account, kicking my friend and other admins out in the process. My friend had no connection to Facebook, and no way to report the issue. That’s why they came to me for help. (And we’re working on it, but it’s a long process!)

What does this mean for you?

Step 1: Check Your Passwords

  • Are you using the same password for more than one thing?
  • Are you using passwords that are more than a year old?
  • Have you been alerted that your password has been hacked or was part of a data breach?

If you answered “yes” to any of those questions, change your password immediately. (Password advice below.)

Step 2: Turn on two-factor authentication

Do this on Facebook, Instagram, Twitter, and your other social media profiles. If you own a business, this is a MUST!

Yes, it’s a pain in the backside, but it’s a much bigger pain when someone takes over your account and you have no access to even report the problem!

Step 3: Hide your friends on Facebook

Hackers create fake profiles for their nefarious plans so their face isn’t being used. THIS is why you’ll see fake profile requests from people you are already friends with on Facebook. If you hide your friends list, this makes it that much harder for them to use your face to create a fake profile.

But, Dawn – it’s so hard to remember passwords!

Yep. I feel ya. Words are my jam. Remembering passwords sucks. But this is the world we live in, so the best thing to do is make it work for you.

Creating a stronger password

If you have a MacBook or use Safari, you’ll get “strong password suggestions” all the time. Problem is, it’s hard to remember those when you’re trying to sync up an app, etc.

My FBI friends suggested these tips for creating a stronger password.

1. Come up with a base phrase that you will remember, like: Roses Are Red. Change out the letters with symbols or numbers. Like zero for “o” or the dollar sign for “s”.

Example: r0$3s@r3r3d

2. Most websites/apps want both upper and lower case letters in your password. The FBI says 90% of people will put the upper case letter at the beginning. Be the 10%. Use a lower case letter at the beginning and ALL CAPS for the rest.

Continuing our example: r0$3S@R3R3D

3. Now that you have your base password, you need to change it up for each website. Create a code for your social media/website accounts that you know, and add it to the password somewhere. Like the end or middle.

r0$3S@R3R3DFACE

r0$3S@R3FACER3D

4. Finally – write these passwords down where you can find them later. Preferably nowhere digital, that can be hacked. Analog works great, like a password notebook, but sucks if you lose it!

Also – don’t use this password I just made up, because it’s too easy to hack…

Good luck out there.

Stay strong my friends.

Dawn Dugle is the Amazon Best-Selling Author and creator of the Flamingo Cove series – steamy romantic comedies with a body count.