How to protect your account credentials

two-factor authentification

It is very important that your ExoClick account is kept secure. In this blog post we show you some best practices you can carry out to ensure your account credentials are protected. 

1 – Password tips

Hackers use specific software that goes through millions of dictionary words and searches for multiple character combinations. Potentially weak passwords are a security issue. These are some examples that you should definitely avoid:

  • Don’t use dates, names, or places could be found in public records that are posted online, or scraped off social media accounts, so avoid your birthday, pet names, partner names, nicknames, etc all of which can be sourced by a hacker from your social media accounts.
  • If you have had any personal email or social media accounts hacked, change your password immediately
  • Don’t use obvious sequences of characters, such as:
    • Close letters and numbers on English Keyboard: qwerty123, qazxswedcvfr 
    • Consecutive symbols !@#$%^&*.
    • Consecutive numbers 123456
    • The same number repeated 11111
  • Don’t use words that can be found in the dictionary, even if some of the vowels have been changed into numbers. Even if baseball, princess, or dragon seems random to you, they are not. Those words and more are commonly found among leaked passwords in data breaches.
  • Don’t use any string of characters that appears on a list of the most common passwords.
  • Do follow Google’s recommendations: Long passwords are stronger, so make your password at least 12 characters long. These tips can help you create longer passwords that are easier to remember. Try to use:
    • A lyric from a song or poem
    • A meaningful quote from a movie or speech
    • A passage from a book
    • A series of words that are meaningful to you
    • An abbreviation: Make a password from the first letter of each word in a sentence
  • Use a random password generator such as

2 – Set a Unique Password per account

A common practice is to use the same password across several different accounts you have. That is not a good practice, duplicate passwords are extremely risky especially from phishing attacks. Hackers that breach one of your accounts will use the same credentials to access other accounts such as email providers, social media, streaming services, etc.

In order to prevent this, it is highly recommended to never use the same password for more than one account, use unique passwords instead.

3 – Use a password manager

An easy way to have all your passwords under control is to use a password manager. Bitwarden, is an easy free open source tool to use, that allows you to access your sensitive information from anywhere on any device and ensures that you aren’t reusing passwords.

4 – Change shared credentials when a business relationship expires

We strongly suggest you take this one as a common practice and change passwords when an employee leaves a company, or you stop working with a 3rd party company that is sharing, for instance, your passwords or API Tokens. Remember that you can create/remove and enable/disable the API tokens in your Admin Panel account so that former employees or 3rd party companies cannot log in to your business accounts to ensure your data does not get compromised. You can find more information regarding How to use ExoClick’s Platform API v2 and set the API Token, simply check out our ExoClick Documentation.

5 – Check for Password leaks annually

Additionally, it is really important to check if your password has been leaked at least once a year. You can use these sites that will allow you to identify if this has been the case:

Juanma Cortes