With recent news about increasingly sophisticated scams affecting websites with huge databases – from social networking sites and music sites to internet phone services, it’s essential that we work hard to make sure our passwords are as safe as possible.
When it comes to choosing passwords, many of us fall prey to not wanting to have to remember something too difficult – convenience over complexity.
Bad habits include using the same password for several different uses, or using easily guessable passwords. Up to 30 percent of people use the same password for everything they do online on a daily basis.
Should that single password fall into the wrong hands, you could be rolling out the welcome mat to a cyber-thief.
If a fraudster does get access to your personal data, then any password that includes your first name, surname, birthday, home town, wife’s name, child’s name, pet’s name and so on could potentially be fair game.
It is best to try and make your passwords complex- something memorable for you but hard to guess even for the kind of specialised software the cybercriminals use.
One way is to start using combinations of letters, numbers and symbols – for example, initials of memorable words – to create a short sentence, not entirely unlike a text message. This would then become a suitable nonsense phrase that you can remember.
For example ‘David Brent’s bank account at Nat West’ could become dbb1@nw – a phrase that even dictionary software would find extremely tough as it contains no real words. Or something like ‘everton85’ could become ‘ever85ton’.
One point though – a common way to avoid search-engines has often been to replace letters with similar-looking numbers – eg: ‘e’ with 3, and so on, as in ‘jon3s’ – but hackers are becoming increasingly familiar with this tactic and in many cases their databases can cope easily with spotting these changes.
It’s also an idea to keep separate email addresses when you register for online services, in addition to using separate passwords. It’s free to get webmail from several different providers. And try to keep antivirus and firewall protection on your home and work computers as up to date as possible.
Remember that you can check your credit report for signs of ID Fraud with a 30-day FREE trial of CreditExpert from Experian. You also get peace of mind against the threat of Identity Fraud, with 24/7 monitoring, dedicated fraud resolution, and up to £75,000 insurance to cover costs.
Experian CreditExpert also provides alerts if your personal details appear anywhere unexpectedly online so it is easy to protect yourself pro-actively. This always-on service scours the internet for mentions of members’ details and alerts them when they are found in new places.
More tips for choosing a PIN or password
Use a combination of upper and lower case and of numbers and letters where possible – never use a simple sequence of numbers like 123456 or abc123. You’d also be amazed how many people opt for 007 – although Bond would surely never be so obvious.
Avoid dates and names that could easily be guessed by anyone who knows you, such as family birthdays, children’s or pets’ names or anniversaries, and also avoid favourite sports, bands, song, film star and place of origin or birth.
It’s best not to convert your most commonly-used phone numbers into a PIN, in case your mobile is stolen and gives the game away.
Try to think laterally – for example, use your mother-in-law’s birthday, rather than your mother’s, or the date of your first kiss rather than your marriage.
Choose something memorable but not obvious. For example, you could create a series of passwords based on the third word of familiar songs.