On-line theft and fraud cost its victims some $1.25 billion in 2004. As on-line businesses proliferate, our risk of a security breach - of someone obtaining our credit card details or bank account information - increases, too. Passwords are the first line of defense when it comes to safeguarding personal and private information. You can do a lot to make it harder for cyber criminals to decipher your password.
First, a few simple DO’s and DON’T’s:
- Don’t use your real name for your user name. It might have seemed convenient and logical a few years ago but no longer. If the cyber crook has your name, he may also be half way towards accessing your personal data, which makes cracking your private password a lot easier.
- Avoid common words, phrases or names. Some online thieves use programmed computers to keep generating words in the hope of find the correct one. Make it tougher for them by picking something unusual.
- Don’t use obvious choices for your password. Bear in mind that if a cyber criminal has your name, he may well also have easy access to personal data - information like your spouse’s name, your date of birth, your kids’ names and birthdays. Birth and marriage information can be easily uncovered. And some local authorities allow anyone access to various court filings and legal documents for a small fee.
- Do use a random word and/or numbers with no obvious associations to you or your family. If you want to make your passwords as impenetrable as possible, use a different password for each site login.
- Consider using a random combination of letters and numbers for your password. This makes you a tough target for automated computer efforts to crack your code.
Making your passwords less obvious is a good first step. But, don’t rest on your laurels yet. You are going to need some way to remember all your passwords. Don’t go to the effort of improving your password security and then jeopardize everything by storing it on your hard drive, or by tucking a printed list away in your desk. You are going to need to be a bit creative. Most crooks can figure out the "usual" hiding places - notes stuck on the undersides of desk drawers or put into a plastic bag at the back of the freezer. You might want to check out some ideas or security devices sold in specialty stores, or perhaps you have a good, unusual hiding place in mind. You might want to give your spouse or business associate "the clue" - a cryptic word or two that only mean something to you - in case you forget where you stashed your list.
Bear in mind, too that it is important to be very wary about providing details about your login name or password in response to emails from companies or services you use. Online phishing (as it is known) has become extremely sophisticated. The email you receive from Ebay, or your bank, may look completely authentic with all the right logos, slogans, and graphics in place, but, if the request is unsolicited and you are asked to verify your password, login and/or address in your response, don’t fall for it. Similarly, beware unsolicited phone calls requesting this information.