These days, passwords and PINs are often required for all kinds of activities, from shopping online to connecting with friends on social media, and much more. With so many passwords to remember, you may be tempted to make them as easy as possible. The problem is when they’re easy enough for us to remember, they’re often easy enough for criminals to guess. Take “123456” for example or “password.” If you’ve used passwords like these, read on for five helpful tips for strengthening your passwords to increase your online security.
- Think creatively. You'll need to outsmart the cybercriminals, and this means creating a password that is uniquely you while still being hard to guess. Avoid using your birth date, anniversary, or a family member's name because the average cybercriminal can find any of these online, especially if they've been tracking you through social media. Instead, start with a word or phrase that is memorable to you, but can't be found online or in public records. Examples are a song you enjoyed in high school or a favorite memory.
- Go long – and complex. Now that you have something to build on, make sure the password is about 12 to 15 characters long and combines more than one word. A password built on a complete sentence is much harder for a criminal to guess than a single word. Consider substituting numerals and special characters for some of the letters in your password sentence to make it even more secure.
- Customize. With a strong password in place, you may think you’ve done enough and that you’re completely secure! Not so fast. If you use the same password everywhere you log in, you’re in danger of having all of your accounts compromised should your password ever be stolen. Criminals use technology to scour the internet with known login credentials. For this reason, devise an easy-to-remember way to customize your password for each site you use. For example, add to your password a few letters or numbers that represent the online account.
- Add layers of security. Multifactor authentication – the practice of requiring additional security steps at the time of login - is becoming more popular as more organizations implement it to try to stop criminal activity. Sometimes this requires you to provide an alternate method of contact, where you will receive a code you will use to log in. This verifies that it really is you logging into your account. You can keep this security in place every time you log in or designate certain devices as secure so that you only have to take the extra steps when you use an unknown device. When multifactor authentication is a set of security questions, be sure to choose questions to which only you would know the answers.
- Use a password manager. Once you've established a unique, personal password that's long, complex, and customized to each site, you'll find it's not that difficult to maintain as you use it for new accounts. Suppose you feel overwhelmed at the idea of creating and remembering strong passwords. In that case, you could opt for a password manager, software that generates, saves, and enters completely unique and secure passwords for you everywhere you log in.
Learn more ways to stay safe this season and all year long by visiting our Security and Fraud Center.