Creating a strong online password is your first defence against malicious activity on the Internet. Anyone who uses a computer, a smartphone or a tablet will need to create a password at some point. But are your passwords strong enough? It can be tempting to use the same or similar passwords for several different websites or apps. This can be a bad idea, particularly if your chosen password is something easy to guess such as your name or date of birth.
Here are a few tips to consider when creating passwords:
1. Make Every Online Password Unique
Having a unique password for each website or app you are required to log in to is a very good idea, particularly for things like email and online banking. Although security on a banking website is likely to be very good, if you use the same password on a website with less stringent security, you risk it being compromised on one and used to gain access to the other.
2. Make Your Online Passwords Random
Try to avoid using anything that is easy to guess, including personal information like your name, date of birth or address. These things are all very easy to discover and often the first things someone will try to get into your accounts. Also avoid, if possible, using real words or sequential strings of numbers (e.g. 123456789).
3. The Longer the Password, the Better
Short passwords are much easier to crack than long ones, so be sure to avoid anything less than eight characters and, if possible, go for something at least ten characters long. There are many thousands of times more possible combinations of ten letters and numbers than there are for eight letters and numbers.
4. Use a Mixture of Numbers and Letters
Once you start adding in symbols and mixed case letters, along with numbers, into your passwords, the possible variations rise to over 6 quadrillion (for an eight character password). The password A1z7yDbP, for example, is many thousands of times more secure than a1z7ydbp.
5. Using a Password Manager
For most people, keeping a written list of their passwords is perfectly okay as long as you make sure that it is not left in plain sight on your desk, etc. Even keeping a text document on your computer with you passwords listed is not usually a risk; just don’t call the file ‘Passwords’ and leave in on the desktop
A much safer way is to use a good Password Manager. These simple bits of software let you store your passwords in a locked file on your computer. As long as you have a very good password to get into the manager, your other passwords will be safe. You then only need to remember one password, instead of five or ten. Lastpass is a very good and free example of a password manager.
Avoiding Phishing Attempts
Phishing is the process of trying to find private information such as PIN numbers, passwords and user names by trickery. Sometimes spammers create fake websites that look like the login pages of well-known websites. When you enter your email and password on one of these pages, the spammer records your information and keeps it.
An increasingly common form of phishing is to randomly send out emails pertaining to be from banks; they ask the recipient to follow a link and confirm their online banking username and password. This is usually as a “security precaution” or because there is some supposed problem with your account.
When someone has been phished, their email account will often start automatically sending messages or links to a large number of their friends. These messages or links are often advertisements telling friends to check out videos or products. If you think your friend’s account was phished, tell them to change their password and run anti-virus software on their computer.