Do you use social media? Do you do some of your shopping online? Do you use online banking? So many of us live so much of our lives online now. Yet when it comes to choosing passwords, many of us fall prey to not wanting to have to remember something too difficult - convenience over complexity.
Experian research has found that the average Brit has around 26 online accounts – many of them dormant – yet has an average of just five passwords. And the numbers get even higher for those under 34. It’s not hard to work out that with few passwords for many accounts, we are all potentially vulnerable.
Bad habits include using the same password for several different uses, or using easily guessable passwords. Up to 30 per cent of people use the same password for everything they do online on a daily basis.
Should that single password fall into the wrong hands, you could be rolling out the welcome mat to a cyber-thief.
If a fraudster does get access to your personal data, then any password that includes your first name, surname, birthday, home town, wife’s name, child’s name, pet’s name and so on could potentially be fair game.
It is best to try and make your passwords complex- something memorable for you but hard to guess even for the kind of specialised software the cybercriminals use.
One way is to start using combinations of letters, numbers and symbols – for example, initials of memorable words – to create a short sentence, not entirely unlike a text message. This would then become a suitable nonsense phrase that you can remember.
For example ‘David Brent’s bank account at Nat West’ could become “dbb1@nw” – a phrase that even dictionary software would find extremely tough as it contains no real words. Or something like ‘everton85’ could become ‘ev3r85t0n’.
One point though - a common way to avoid search-engines has often been to replace letters with similar-looking numbers – eg: ‘e’ with 3, and so on, as in ‘jon3s’ – but hackers are becoming increasingly familiar with this tactic and in many cases their databases can cope easily with spotting these changes.
It’s also an idea to keep separate email addresses when you register for online services, in addition to using separate passwords. It’s free to get webmail from several different providers. And try to keep antivirus and firewall protection on your home and work computers as up to date as possible.
Use a combination of upper and lower case and of numbers and letters where possible - never use a simple sequence of numbers like 123456 or abc123. You’d also be amazed how many people opt for 007 – although Bond would surely never be so obvious.
Avoid dates and names that could easily be guessed by anyone who knows you, such as family birthdays, children’s or pets’ names or anniversaries, and also avoid favourite sports, bands, song, film star and place of origin or birth.
It’s best not to convert your most commonly-used phone numbers into a PIN, in case your mobile is stolen and gives the game away.
Try to think laterally – for example, use your mother-in-law’s birthday, rather than your mother’s, or the date of your first kiss rather than your marriage.
Choose something memorable but not obvious. For example, you could create a series of passwords based on the third word of familiar songs.
Remember that you can check your credit report for signs of ID Fraud with a 30-day FREE trial of CreditExpert from Experian You also get peace of mind against the threat of Identity Fraud, with 24/7 monitoring, dedicated fraud resolution, and up to £75,000 insurance to cover costs.
Experian CreditExpert also provides alerts if your personal details appear unexpectedly online, so it is easy to protect yourself pro-actively. This always-on service scours the internet for mentions of members’ details and alerts them when they are found in new places. It also alerts members when applications are taken out for credit – often the first time people realise their details have been jeopardised.