Updated August 2, 2019 . AmFam Team
These days, most of us live part of our lives in the digital world. Sharing news with friends via social media, you manage your money and shop online all the time. On most sites, you gain access to your account with an email address or a user name and a password — but have you considered the strength of your passwords lately? Could hackers easily guess their way into your account? ID theft can happen to anyone, so we’ve put together these tips to help secure your accounts with hard-to-crack passwords that you’ll be able to remember.
Generally, the harder you make it for the fraudsters, the more likely it is that they will move on to easier prey. So now the big question: How do you create stronger passwords? Take a look at the strategies below:
Be random. If your passwords contain some combination of family or pet names and birthdays, they’re easily guessed. To take it a step further, avoid using common words or phrases, or anything that people who know you could easily guess (like "redsoxfan"). Instead, try stringing together random, unrelated words.
Never include any part of your SSN. Always keep your social security number secure, and don’t use it — or any portion of it — in your passwords. Doing so can expose you to greater levels of ID theft.
Use acronyms and misspellings. One easy way to boost the randomness of your passwords is to create an acronym from a quote or song lyric which would be difficult to guess. Or, if you're using real words and phrases, throw in a few typos.
Mix uppercase and lowercase letters with numbers and special characters. The more strange-looking your passwords are, the better. So instead of "nyrangers94," try nYr@ng3rS_94*.
If you’re like most people, you have a few go-to passwords that you use across most sites. That’s a real vulnerability, according to ID theft experts. Take a look at our advice on how to remember and manage complex passwords.
Use different, multi-character passwords for each major account. If a hacker can get your Instagram password and it's the same one you use for your online savings account, you're putting your assets at risk.
Passwords should be at least 12 characters long. Longer passwords exponentially improve the security of your data. Remember to use the whole keyboard, including upper and lower case, numbers, letters and symbols.
Use long, but easy-to-remember phrases. Instead of "puppysitter26," try a mixed-up character version of a longer phrase, like "iLik3Tinypups&iCann0TlI3" (I like tiny pups and I cannot lie).
Type a pattern into your keyboard. Creatively connect the dots across keyboard, stringing together letters and numbers, upper and lower case too. Typing out geometric shapes on the keyboard helps to ensure randomness.
Consider a password management service or app. If the thought of creating random, complex passwords seems like more than you can manage, explore password manager services like Dashline and Keeper Password Manager & Digital Vault. They’re great tools to help you build, automate and remember good passwords.
Tightening up the complexity of your passwords is a great start, but you’re not done just yet. Put into practice these simple measures to help safeguard your identity and keep your sensitive data on the cloud far away from brute force attacks.
Develop a new password for each login. If someone can get into your email account and knows where you bank, all they have to do is head to your bank website and click the "forgot password" link to get in. This includes your PayPal account, banking accounts and anywhere you store your credit card data, like Amazon and Netflix.
Change passwords regularly – at least every three months. In a study by mobile identity company TeleSign, 21 percent of people said they have been using the same password across all of their accounts for 10 years. Changing yours often helps protect you from data breaches that might attack one of your long-standing accounts.
Use two-step authentication where available. Also called two-factor authentication or 2FA, this adds an extra layer of security, and you might already be using it for Google or other sites. Check out TwoFactorAuth.org (Opens in a new tab) for a list of websites that offer this option.
Never share your passwords through text or email. Even if a loved one needs to access an account of yours, be careful about sending your information digitally since Wi-Fi network connections aren't always well-protected.
Don’t respond to emails requesting personal information. Remember, a merchant or banking institution will never ask you for your password or personal information via email or phone. If you receive an email requesting one, it's likely a phishing scam that’s designed to collect your sensitive data.
By following cyber-smart steps like these, you can avoid identity theft and keep on enjoying your digital life safe from hacking. While you’re improving your passwords take a few moments and check in with your American Family Insurance agent (Opens in a new tab) and inquire about our ID theft and credit monitoring coverage.