While safeguarding yourself online, creating a secure password has traditionally been suggested as the primary measure. Surprisingly, the significance of having a secure username is often overlooked even though it is just as vital as using a robust password.
Acting as your virtual identity, usernames are valuable assets that hackers seek to obtain. Although they are not as sought after as passwords, they can nevertheless be utilized to gain access to your online information. Hence, it is crucial to generate a distinct and secure username that will safeguard your accounts from threats and prying eyes.
In this post, we explore the concept of a username, the importance of establishing a unique and safe username, and share some recommendations to achieve this goal.
Definition of a username
A username is a combination of characters serving as your identification for an account or service, be it within a computer system or on the web. They can additionally be referred to as login names, user IDs, login IDs, or account names.
Functioning as identifiers, usernames assist in distinguishing and setting you apart from others or other accounts. This is unlike passwords, which are employed for authentication or confirmation that you are who you claim to be when logging into an account.
Below is a brief overview of both and their primary distinction:
- Usernames: Identifies your identity, whether in a computer, network, online service, or application.
- Passwords: Authenticates or confirms your identity, enabling account access when correctly provided.
Currently, most online platforms, social networks, games, and applications necessitate a username to proceed with using their services. While some websites may allow using your email address as a username, this is not always preferred practice and not always possible.
SEE: SMB Security Pack (TechRepublic Premium)
What is the importance of establishing a secure username?
Though it may seem logical to have a robust password, developing an equally secure username is imperative for the following reasons:
They are frequently involved in data breaches and leaks
During a significant data breach, hackers aim to obtain as much information about you as possible. This means they target not only passwords but also your phone number, address, email, and, of course, your username.
Since usernames and passwords are closely linked, a hacker possessing your username essentially gains 50% of your login credentials. This makes it substantially easier for cybercriminals to use methods such as brute force attacks or credential stuffing—essentially a high-powered trial-and-error technique to attempt account theft.
Usernames are public details
It is crucial to acknowledge that most usernames are publicly accessible since they function as identifiers. Consider your business’ LinkedIn account, Amazon account, or even your gaming username—all of these can be viewed by you, others, and hackers alike. In this context, they lack the same level of security as passwords concerning private information.
Therefore, I highly suggest generating distinct usernames for each of your accounts. Why? Suppose you consistently use one username across many accounts, including your email address. In that case, hackers can leverage your public username to locate all your other accounts. This renders you highly vulnerable to social engineering ploys, scams, or phishing attempts.
They contribute to building your online anonymity
Although usernames are public, they need not necessarily contain your full name. Consequently, having a secure username can be an excellent method to bolster your online privacy. If done correctly, no one theoretically knows which username is linked to your account. This enables you to browse the web without concern about others scrutinizing your online activities.
Utilizing usernames to segregate your professional and personal online lives can also help strengthen privacy. As illustrated earlier, you can employ a completely different username for your personal accounts. This permits you to keep your personal information private and maintain your business account concurrently.
How can I produce a secure username?
Thankfully, creating a secure username can be a simple process if you adhere to some essential steps. Here is what I propose:
1. Refrain from incorporating your complete name, address, or other personal particulars
Most accounts, except for potentially business accounts, will not mandate the use of your full name—and for good reason. Including your name in your username makes it simpler for hackers to identify you, subsequently uncovering your other accounts.
For instance, if your name is John Doe and your Amazon account username is “JohnDoe,” cybercriminals can effortlessly connect the dots and deduce that this Amazon username belongs to you.
Similarly, any personally identifiable information should not feature in your username, as this unintentionally provides hackers with more information to work with when attempting to hack your account.
Here are some pieces of data you should definitely steer clear of including in your username:
- Date of birth.
- Address.
- Email address.
- Phone number/s.
- ID numbers or PINs.
- Social security number.
- Your hometown.
Remember, given that usernames are public information, hackers have the same access to them as you do. In the scenario where you include something like your home address in your username, a tech-savvy hacker can exploit it to their advantage and potentially target you.
Hackers can also leverage any personal information within your username to respond to security questions. These questions serve as safeguards in most online services to validate your identity and permit you to recover or reset your password when needed.
required.
For instance, let’s assume your chosen username is JohnDoeAug11. In this particular case, a cybercriminal might deduce that “Aug11” represents your birthdate. Essentially, this gives the hacker access to both your identity and your personal information.
If you possess an online account that includes a security question asking about your birthday, the hacker could potentially use this information to gain unauthorized access to your account or login details clandestinely.
2. Refrain from reusing usernames for alternate accounts
It is crucial to stress the importance of refraining from reusing usernames when setting up a new account. Employing a fresh and distinct username every time you create a new account significantly diminishes the chances of your accounts being compromised.
While this may cause some inconvenience, I firmly believe that the additional layer of security you offer your accounts through this practice outweighs any inconveniences.
Furthermore, I advise against merely altering old usernames or making slight adjustments to them. The reason for this is quite clear. For example, having the username “techrepublic1.”
Even if we modify it to something like “techrepublic2,” it still leaves you vulnerable to potential compromises since hackers can easily sift through various iterations of your username in their attempts to obtain your credentials.
Avoid recycling used login information, following the same principle recommended for creating a new password. If you are interested in crafting a robust password, take a look at our How to Create a Secure Password guide.
3. Make it memorable for yourself but difficult to guess for others
Having explored what not to do, let’s consider how to effectively create a unique username from scratch. Since usernames can vary widely, one approach is to blend words that hold personal significance for you and only you.
I strongly recommend mixing words or phrases that hold personal meaning for you but would prove challenging for others to guess. Here are some concepts to consider when concocting your distinctive username:
- Your hobbies or passions.
- Your qualities or traits.
- Your preferred possessions.
- Old nicknames or monikers.
- Beloved films, games, or TV series.
Suppose you have a soft spot for dolphins and relish pizza. For you, perhaps “pizzadolphin37” as a username is a suitable choice.
It’s also recommended to incorporate random characters, such as symbols or numbers, at your discretion. Just ensure you can recall them easily.
4. Ensure your username and password remain unconnected
Another key point to remember is the necessity of maintaining your username and password as completely distinct terms. While this may appear obvious, linking your username and password in some way constitutes a risky practice.
Below is an instance of login credentials that share a connection:
- Username: RosesAreRed.
- Password: VioletsAreBlue.
While interlinked login details aid in memory retention, it’s crucial to recognize that both cybercriminals and their tools have advanced. Such a combination would not pose a significant challenge for seasoned hackers and adversaries.
5. Utilize a random username generator
Finally, you can opt to utilize online username generators that can automatically produce a username for you. Many of these username generators allow you to set specific criteria for your username, such as its length, whether it comprises random text or a coherent phrase, among other factors.
Below are a few online username generators that I’ve come across, offering a variety of options and settings you can adjust to generate your desired username:
A few password managers also incorporate username generators for your convenience, such as 1Password and Bitwarden. I will list these password managers below, providing additional insights to help you choose the most suitable one.
6. Securely store your credentials, possibly via a password management tool
As we previously discussed, password managers can be invaluable tools for storing and safeguarding unique usernames. Apart from password storage, password managers are designed to automatically preserve all the usernames associated with each account. This eliminates the need to remember all your usernames manually, as the password manager handles this for you.
Most contemporary password managers also feature autofill functionalities, easing the burden of recalling specific usernames and passwords for each account. With autofill capability, password managers will seamlessly populate the login fields on your behalf.
Password managers with username generators
If you wish to explore a password manager service, here are three options that I believe are worth considering.
Fortunately, all these password managers below feature a username generator either within their application or on their official website, making it easy for you to generate a unique username with any of them.
| Bitwarden | 1Password | NordPass | |
|---|---|---|---|
| Star rating | 4.6 out 5 stars | 4.3 out of 5 stars | 4.6 out of 5 stars |
| Starting price | $0.83 per month | $2.99 per month | $1.69 per month |
| Username generator | Yes | Yes | Yes |
| Standout feature | Free version with unlimited password storage and unlimited devices | Polished and intuitive user interface with travel mode capabilities | Modern XChaCha20 encryption, refined UI, and flexible subscription options |
Bitwarden
Should you desire a completely complimentary password management solution, Bitwarden stands out as one of the finest choices. The complimentary package offers boundless storage for passwords, a substantial advantage over other cost-free password managers that have restrictions on the number of passwords they can store. Bitwarden Free grants access to an infinite number of devices, allowing you to reach your encrypted vault from any device. Privacy enthusiasts value Bitwarden for its open-source nature and robust array of third-party audits.
For further details, please refer to our comprehensive Bitwarden review.
1Password
For individuals prioritizing a streamlined user experience, my suggestion is 1Password. Both its desktop application and browser extension boast sleek designs, facilitating the management of numerous passwords and accounts. From a security perspective, 1Password adopts a zero-knowledge approach to ensure that all your sensitive credentials are exclusively accessible to you. Additionally, 1Password accounts are encrypted end-to-end and utilize AES-256 encryption, the industry’s leading encryption standard.
To delve deeper, take a look at our thorough 1Password review.
NordPass
Should you be a fan of NordVPN and in search of a complementary password management tool, NordPass is worth considering. As Nord Security’s answer to password management, NordPass draws inspiration from their popular VPN by striking a balance between an elegant user interface and robust security. It employs the “future-proof” XChaCha20 encryption algorithm, boasts a modern and polished desktop application, and offers a variety of multifactor authentication methods. I particularly value its subscription options, which include a free version along with annual or two-year paid plans.
For more insights, browse through our exhaustive NordPass review.
About Author
