How to Create a Strong Password to Protect Your Identity
By Dawn Papandrea
These days, most of us live part of our lives in the "digital world," from sharing fun news with friends and family via email or social media, to banking or shopping online. It's all about ease and convenience, especially if you're busy and on the go. But when you're active online, it's important to keep your personal information secure. That’s where creating strong passwords comes in.
You've probably heard by now not to use obvious passwords like "123456" or the word "password," but there are a few other advanced tricks to help you proactively defend yourself against identity theft. Generally, the harder you make it for the fraudsters, the more likely it is that they will move on to easier prey. So now the big question: How do you create stronger passwords? Take a look at the strategies below:
Be random. If your passwords contain some combination of your spouse's, kids' or pets' names and birthdays, they need a do-over. To take it a step further, avoid using common words or phrases, or anything that people who know you could easily guess (like "redsoxfan"). Instead, try stringing together random, unrelated words. The more random you can be, the better.
Use acronyms and misspellings. One easy way to boost the randomness of your passwords is to create an acronym from a quote or song lyric which would be difficult to guess. Or, if you're using real words and phrases, throw in a few typos.
Mix uppercase and lowercase letters with numbers and special characters. The more strange-looking your passwords are, the better. So instead of "nyrangers94," try "nYr@ng3rS_94*."
Go long. If a password needs to be between 8 and 25 characters, the longer the better. That's because extra characters make it more challenging for hacking software to crack.
Use phrases. Instead of "puppysitter26," try a mixed-up character version of a longer phrase, like "iLik3Tinypups&iCann0TlI3" (I like tiny pups and I cannot lie).
Change your most important passwords. First and foremost, it's smart to be extra vigilant when it comes to your email passwords. If someone can get into your email account and knows where you bank, all they have to do is head to your bank website and click the "forgot password" link to get in. Other important ones: Your Paypal account, banking accounts, anywhere you store your credit information (Amazon), Facebook, Twitter, etc. Once you get in the groove, you can go ahead and update the rest of your passwords as you go.
Use different passwords for each major account. If a hacker can get your Instagram password and it's the same one you use for your online savings account, you're putting your assets at risk.
Set up a reminder to update the passwords on your important accounts every few months. In a study by mobile identity company TeleSign, 21 percent of people said they have been using the same password across all of their accounts for 10 years. Changing yours often helps protect you from data breaches that might attack one of your long-standing accounts.
Consider a password management service. If the thought of creating random, complex passwords for your accounts (and updating them often) seems like more than you can manage, explore password manager services, which automate the process for you.
Use two-step authentication where available. Also called two-factor authentication or 2FA, this adds an extra layer of security, and you might already be using it for Google or other sites. An example of this is when a website or account sends you a temporary code via text or email to input in addition to your password. Check out TwoFactorAuth.org for a list of websites that offer this option.
Never share your passwords through text or email. Even if a loved one needs to access an account of yours, be careful about sending your information digitally since Wi-Fi and other network connections aren't always well-protected.
Don’t respond to emails requesting personal information. Even if the email says it’s from someplace you have an account, such as an e-commerce site or financial institution, go to the business’s website, or reach out to them over the phone to update your information. Remember, a merchant or banking institution will never ask you for your password or personal information via email or phone. If you receive an email asking for one, it's likely a phishing scam.
By following cyber-smart steps like these, you can avoid identity theft and keep on enjoying your digital life carefree.