Your password is a gateway to all of your important information. If your password falls into the wrong hands, that person could impersonate you online, access your bank or credit card accounts, sign your name to online service agreements or contracts, engage in financial transactions, or change your account information.
Unfortunately, many people are still not taking the necessary steps to protect their accounts by using strong passwords. Far too often, passwords with simple combinations such as 123456, password, qwerty, or abc123 are being used. In other cases, people simply use their pet’s name or their birth date — information that can be easily found online, such as on a Facebook page.
To protect yourself, passwords must be difficult for others to guess but at the same time easy for you to remember. Here are some recommendations:
- Passwords should have at least eight characters and include upper case (capital letters) and lowercase letters, numbers and symbols.
- Avoid words and proper names, regardless of language. Hackers use programs that try every word in a dictionary.
- Don’t use personal information — name, children’s name, birth dates, etc. that someone might already know or easily obtain.
- Change passwords regularly — at least every 60 days. If you believe your system, or an online account you access, has been compromised change your passwords immediately.
- Use different passwords for each account you have.
- Make sure your work passwords are different from your personal passwords.
- DO NOT write down your passwords. If you need to remember your passwords, write down a hint to a password, but never the password itself. Store the hint in a safe place away from your computer.
- Do not share your password with anyone – attackers may try to trick you via phone calls or email messages into sharing your password.
- Decline the “Remember Password” feature in browsers.
- Always remember to log out when using a public computer.