The DOs and DON’Ts of Internet Passwords

Staying safe online isn’t just about good internet security and responsible browsing. Every time you create an account with a website, you’re placing your personal data in someone else’s hands, potentially making it susceptible to data theft. Unless you want to abstain from shopping, social media and online email services, it’s a risk you’re going to have to take. However, there is something simple you can do to make your data that little bit more secure. It’s usually case-sensitive, over 6 characters long, and contains both letters and numbers.

This guide will look at some of the major DOs and DON’Ts of password management.

DON’T make it obvious
Apparently the most popular password choice of last year was 123456. The second most popular choice was ‘password’. Other popular choices included ‘football’, ‘qwerty’ and ‘starwars’. Oh dear! When you’re coming up with a password, you need to avoid sequential numbers, commonly-used words or any other guessable information such as your name and date of birth. Ideally, you want to avoid using real words altogether.

DO use a mixture of letters, numbers and special characters
When coming up with a good password, you need to start with something that’s personal to you, but not obvious. If you like football, then you might think ‘football’ is a good password because you won’t forget it. Remember that any password-cracking software is going to try real words first, and ‘football’, being one of the most popular, is going to be at the top of the list. You have to be cleverer than that if you want to minimise your chance of being hacked. Think of something obscure, but memorable – perhaps the surname of someone you went to Primary School with but haven’t seen since…

Your password is now ‘bigsby’. It’s a good start, but it’s still weak. Let’s replace one of the letters with a number – making it ‘big5by’. That’s much better, but we’re not quite finished. Some sites require a password to be eight characters long, so we need two more. Often they will ask for at least one special character (!, #, $ etc.) as well. Let’s go with ‘b!g5by’ and stick a two-digit number on the end. Don’t make it your birthday or wedding anniversary. Think of a number that you can remember but that isn’t particularly significant to you. Something like 39 – the year WWII started, 63 – the year JFK was assassinated, or 89 – the year the Berlin wall came down. It all needs to be a bit ‘random’…

So now you’ve got a password – ‘b!g5by39’. It looks like a load of random characters, doesn’t it? That’s good – it makes it much harder to crack. However, we didn’t come up with those characters randomly, so it’ll be easy to remember, won’t it? It’s not as easy to remember as ‘football’, but we’re sure you can still commit it to memory.
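The checks from the two sections above, collected into one function. This is an added Python example, not part of the original article; the `personal_info` parameter and the sample inputs are assumptions made for the illustration, and the sequential-number rule is interpreted here as three or more digits counting up or down.

```python
import string

# Popular choices the article names; a real check would load a much larger list.
COMMON_CHOICES = {"123456", "password", "football", "qwerty", "starwars"}
MIN_LENGTH = 8  # "Some sites require a password to be eight characters long"


def has_sequential_digits(password, run=3):
    """True if `run` or more digits in a row count up or down by one (123, 987)."""
    for step in (1, -1):
        streak = 1
        for prev, cur in zip(password, password[1:]):
            both_digits = prev in string.digits and cur in string.digits
            if both_digits and int(cur) - int(prev) == step:
                streak += 1
                if streak >= run:
                    return True
            else:
                streak = 1
    return False


def check_password(password, personal_info=()):
    """Return the list of the article's rules the password breaks ([] = passes)."""
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if not any(c.isalpha() for c in password):
        problems.append("no letters")
    if not any(c.isdigit() for c in password):
        problems.append("no numbers")
    if not any(c in string.punctuation for c in password):
        problems.append("no special character")
    if any(word in lowered for word in COMMON_CHOICES):
        problems.append("contains a popular password")
    if has_sequential_digits(password):
        problems.append("sequential numbers")
    # personal_info is a hypothetical list of strings such as a name or birth year.
    if any(item and item.lower() in lowered for item in personal_info):
        problems.append("contains personal information")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs; the name and year are made up for the demo.
    for candidate in ("123456", "football", "bigsby", "b!g5by39", "Alice1985!"):
        print(candidate, "->", check_password(candidate, ("alice", "1985")) or "OK")
```
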

DON’T write it down
Having trouble remembering your password? Don’t be tempted to write it on a post-it note and stick it to the corner of your screen. That’s a terrible idea – especially at work. If you find that you’re struggling to remember it, change it to something better. Never write your passwords down – even if it’s a load of PINs and passcodes for online banking. You have to commit them to memory. If your house was burgled, that little piece of paper in the top drawer of your desk with all your access codes on is the most valuable thing a thief could lay their hands on. It shouldn’t exist. Keep those passwords in your head.

DON’T use the same password for every site
Sometimes websites get hacked. Even if they’re doing everything in their power to prevent a cyberattack, there’s always a chance that your data will be pinched. If you use the same password for everything, then the hackers could access your email, your social media, and perhaps even your bank or PayPal account. Don’t let that happen. Use different passwords for every site you register with.

DO come up with a system
A basic system of password variation is to use your main password (b!g5by39) and add two letters to the start which correspond to the website you are using. For example, your Facebook password would be FBb!g5by39 and your Amazon password would be AZb!g5by39. It’s better than having all your passwords the same, but to be cleverer perhaps the letters could surround the password – Fb!g5by39B. Or perhaps you could use the second and third letters of the website name and insert them at a specific point in your password? You need to come up with a system that works for you – one that isn’t too simple to crack or too complicated to remember!

TOP TIP: The most important password is the one you use to access your email account. This account can be used to reset the passwords on pretty much every other site you use. With that in mind, it’s best to use a completely different password altogether for your email account.

DO change your password regularly
Every now and then it’s a good idea to change your password. You’ll have to leave Bigsby behind and come up with something new. Take a few minutes to go through your accounts and update each one with the new password. Don’t worry if you forget some of them. As long as you can remember the password to your email account, you’ll always be able to reset your password for other sites if they lock you out.

So there you have it. Take these tips on board and spread the word by sharing this article with your friends and colleagues. Remember, using ‘password’ for your password is like leaving your house without locking the door. Why make it easy for the criminals?

- – -

These tips are written as guidance and to raise awareness only and do not represent advice.