editione1.0.0
Updated October 9, 2023It doesn’t matter what clever method or hoops you might have mentally jumped through to create your current password. Let’s start with a fresh slate, and reset it so you know for a fact it is unique.
Your password manager should help by suggesting a password that is very long and as random as it can technically be. If not, aim for at least 16 characters in length. Research has shown that it is more important to have a longer password. Mathematically, long passwords offer more possible combinations, which would take too long to guess even with today’s available technology.
Once you reset your password, all your previous logged-in sessions should also expire. This gives you the added comfort of knowing from this point forward, only you have access to your most important digital key. (Although this does mean spending some time logging back into your email on your phone, laptop, and so on.)
A long, long time ago it was perfectly OK to use just a password to access your account—since the availability of tools to guess your password was limited, and those accounts also didn’t have as much value as they do today. Nowadays, you need to take a few steps to prove who you are to make it harder for people to bypass or trick their way into your account. One essential way to achieve this is to use two-factor authentication.
Definition Two-factor authentication (2FA) is a security measure that requires two modes of identification before access to a system or application is allowed. You may also see such multi-step authentication processes called multi-factor authentication (MFA) (when more than two factors are used) or two-step verification (2SV) (which is almost the same, but the steps may be on the same device).* For simplicity, we’ll just refer to all of these options as 2FA in this book.
important 2FA is especially important for your email account.