Cybersecurity trainer shares tips: how to prevent account hacking

12.12.2024 | 11:02

Madli Tiigirand, a cybersecurity trainer at the Estonian IT Centre (RIT), highlights that the biggest mistake people make with passwords is reusing them. “If one password is leaked, it can grant access to other platforms where the same password is used,” warns the expert. “This is why it’s crucial to use a different password for each platform.”

How to remember different passwords?

According to Tiigirand, many people write down their passwords on sticky notes, save them on their phones, or store them in cloud-based documents. However, these methods are not secure. Instead, she recommends using a password management application.

“Secure password management apps store all your passwords in one place,” Tiigirand explains. However, she stresses the importance of doing thorough research before choosing such software. “Check if the software is regularly updated and read what other users, such as those in trusted forums, say about the app,” she advises, adding that comparison lists can also serve as helpful sources of information.

Create your own password instead of relying on auto-generation

Tiigirand encourages users to create their own passwords, using unique phrases that are long and complex. “For example, you could think of a phrase related to a memorable event or detail from your life, using a mix of uppercase and lowercase letters, numbers, and symbols,” she suggests. When using symbols, ensure they are available on all keyboards. “It’s important that your password is something only you know and is not easy to guess,” she explains.

She also highlights the importance of changing default passwords that come with devices. “This applies, for instance, to pre-set Wi-Fi router passwords, which might seem long and complex but could actually be found online based on the device’s name,” she notes.

Use two-factor authentication or biometrics for added security

To enhance account security, Tiigirand recommends setting up multi-factor authentication (MFA) wherever possible. “This is a highly effective way to protect your accounts. It might involve receiving a one-time code via phone or using Smart-ID to log in, as it includes multiple security elements,” she explains. She mentions Google Authenticator and Microsoft Authenticator as some of the most secure and user-friendly MFA options, which are free to download.

Additionally, biometrics – such as facial recognition or fingerprint scanning – are among the most secure authentication methods. “If your device and platform support these features, I strongly recommend using them,” says Tiigirand, adding that the world is moving toward biometric authentication. “Even today, screen locks have been replaced by facial recognition,” she says.

In conclusion, Tiigirand points out that password management should be somewhat inconvenient. “If using passwords were too easy, it would be just as easy for attackers,” she says. The most critical steps in securing your accounts are avoiding password reuse and creating strong, unique passwords, which can be managed with a dedicated password management app. For optimal protection, the expert recommends using multi-factor authentication or biometric verification.
 
