🔐 Passwords & MFA
People roll their eyes at password advice — and fair enough.
It’s been over-complicated for years. But the truth is, a few small tweaks protect 90% of accounts.
💬 The simple rules
- One account, one password.
  Re-using passwords is like giving one key to every door in your life.
- Long beats complex.
  `TacoTuesdayWithNanna!` is stronger (and easier to remember) than `T@c0#Tu3$`.
- Use a password manager.
  Bitwarden, 1Password, Dashlane — they remember so you don’t have to.
  (And no, “Notes” on your iPhone isn’t a password manager.)
- Turn on MFA everywhere.
  That’s the code or prompt that proves it’s really you logging in.
  It stops 99% of account-takeover attempts cold.
⚙️ Types of MFA
| Method | What it is | Strength |
|---|---|---|
| SMS codes | Code sent via text | 🟠 Okay, but not great |
| App prompt | Authenticator app (Google, Microsoft) | 🟢 Better |
| Hardware key | Physical USB/NFC device | 🔵 Best |
Tip
Use app-based MFA wherever possible.
Text messages can be intercepted or SIM-swapped.
🤯 The password myths
- “I need to change them every month.” → Nah, that’s outdated.
- “Special characters make it safer.” → Length matters more than weird symbols.
- “Hackers guess my passwords manually.” → They don’t. They use automated lists from old breaches.
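
The "long beats complex" rule and the breach-list myth above, worked through in Python as an added example (not part of the original page). The guess rate and the tiny breach list are constructed assumptions for illustration only.

```python
import math
import string

# Constructed sample standing in for a breached-password list
# (assumption: real lists hold many millions of entries).
BREACHED = {"password123", "qwerty", "letmein", "iloveyou"}

# Assumed attacker guess rate, purely illustrative.
GUESSES_PER_SECOND = 1e10


def alphabet_size(password):
    """Size of the character pool a brute-force search has to cover."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)  # 32 ASCII symbols
    return size


def brute_force_bits(password):
    """log2 of the number of candidates with this length and alphabet."""
    if not password:
        return 0.0
    return len(password) * math.log2(alphabet_size(password))


def assess(password):
    """Return (bits, years_to_try_every_candidate, found_in_breach_list)."""
    bits = brute_force_bits(password)
    years = 2 ** bits / GUESSES_PER_SECOND / (3600 * 24 * 365)
    return bits, years, password.lower() in BREACHED


if __name__ == "__main__":
    for pw in ("TacoTuesdayWithNanna!", "T@c0#Tu3$", "password123"):
        bits, years, breached = assess(pw)
        verdict = "on a breach list, tried first" if breached else f"{years:.1e} years"
        print(f"{pw:24} {len(pw):2} chars  {bits:6.1f} bits  {verdict}")
```

The bit counts are an upper bound for character-by-character guessing; a phrase built from real words can also be attacked word by word, which is why letting a password manager pick something random is stronger still.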
🧠 Habit stack it
Whenever you create an account:
1. Let your password manager pick something random.
2. Turn on MFA immediately.
3. Delete any password emails.
That’s it. You’re now ahead of 90% of users.
🎥 Watch & Learn
(Video: Why MFA matters and how it stops account takeovers.)