Let's Start Creating Safe and Strong Passwords!

by News Editor on June 20th, 2013 in Security Tips.

A strong password is an important protection to help you have safer online transactions. Here are steps you can take to create a strong password. Some or all might help protect your online transactions:

•    Length - Make your passwords long with eight or more characters.

•    Complexity - Include letters, punctuation, symbols, and numbers. Use the entire keyboard, not just the letters and characters you use or see most often. The greater the variety of characters in your password, the better. However, password hacking software automatically checks for common letter-to-symbol conversions, such as changing "and" to "&" or "to" to "2."

•    Variation - To keep strong passwords effective, change them often. Set an automatic reminder for yourself to change your passwords on your email, banking, and credit card websites about every three months.

•    Variety - Don't use the same password for everything. Cybercriminals steal passwords on websites that have very little security, and then they use that same password and user name in more secure environments, such as banking websites.

Avoid creating passwords that use:

•    Dictionary words in any language.
•    Words spelled backwards, common misspellings, and abbreviations.
•    Sequences or repeated characters. Examples: 12345678, 222222, abcdefg, or adjacent letters on your keyboard (qwerty).
•    Personal information. Your name, birthday, driver's license, passport number, or similar information.

Not sure where to begin? Don't worry! There are many ways to create a long, complex password. Here are some suggestions that might help you remember it easily:







Choosing the Best Passwords

Do:

•    Always use a password.

•    Choose a password with a combination of upper and lower case letters, numbers and keyboard symbols such as @ # $ % ^ & * ( ) _ +. (for example SP1D3Rm@n – a variation of spiderman, with letters, numbers, upper and lower case). However, be aware that some of these punctuation marks may be difficult to enter on foreign keyboards.

•    Choose a password containing at least eight characters. However, longer passwords are harder for criminals to guess or break.

Don’t:

•    Use the following as passwords:
•    Your username, actual name or business name.
•    Family members’ or pets’ names.
•    Your or family birthdays.
•    Favourite football or F1 team or other words easy to work out with a little background knowledge.
•    The word ‘password’.
•    Numerical sequences.
•    A commonplace dictionary word, which could be cracked by common hacking programs.
•    When choosing numerical passcodes or PINs, do not use ascending or descending numbers (for example 4321 or 12345), duplicated numbers (such as 1111) or easily recognisable keypad patterns (such as 14789 or 2580).


Looking After Your Passwords

•    Never disclose your passwords to anyone else. If you think that someone else knows your password, change it immediately.
•    Don't enter your password when others can see what you are typing.
•    Change your passwords regularly.
•    Use a different password for every website. If you have only one password, a criminal simply has to break it to gain access to everything.
•    Don’t recycle passwords (for example password2, password3).

•    If you must write passwords down in order to remember them, make sure they are meaningless to, and unusable by other people by writing them in code (substituting the characters in your password with others that you can remember, or easily work out).
•    Do not send your password by email. No reputable firm will ask you to do this.

Controlling User Accounts

Everybody who uses a computer should be assigned their own user account so that only they can access their files and programs. Each user account should be accessible only by entering a username and password in order to safeguard users’ privacy. Other user account features can also be set up in user accounts – including parental controls (Windows Vista and Windows 7 only).

Do not use an account with administrator privileges for everyday use, as malware could assume administrator rights. Even if you are the only user, set up an administrator account to use when you need to carry out tasks such as installing programs or changing the system configuration, and another ‘standard user’ account as your regular account. If you are not logged in as administrator, you will be prompted to enter an administrator password when you install a new device driver or program. You can manage user accounts in Windows Control Panel.