If you use a family name, a pet’s name, a birthdate or numbers between 1 and 6 as your online password, you are an easy target for a hacker.
The recent cyber-attacks on a spate of organisations have emphasised the importance of choosing strong passwords that can’t easily be discovered. An alarming 25% of the most common passwords are first names, and the average password people use (and hackers know about!) is six characters long and all lower case.
The security risk becomes even greater if you are one of the 73% of Australians who use the same password for multiple sites. Once a hacker has discovered your password for one site, they will use automated software to fire it at a whole bunch of other sites.
Here are some Do’s and Don’ts on password creation.
DO
- Make your password eight or more characters.
- Use a mix of all character types: ABC, abc, 123, @$!&
- Make a diary reminder to change it regularly; January each year is an easy time to remember;
- Use a password manager to help generate strong passwords and remember them for you;
- Construct a password from a sentence or the line of a song;
- Enable 2-step authentication if a website allows it (such as Gmail and banking websites);
- Change your password regularly.
DON’T
- Use passwords like ‘abc1234’, ‘password’, ‘admin’, ‘iloveyou’, ‘aaaaaa’ – these were the most popular passwords discovered after Adobe’s systems were hacked;
- Use public information like kids’ names, anniversaries, partner’s names;
- Let your web browser remember important passwords for you;
- Use the same passwords for multiple accounts;
- Log into private accounts on public computers;
- Send your password via email or store it in plain text on your computer;
- Use complete words – they are much easier to crack;
- Use famous phrases, movie titles, song lines.
How do you make a unique password for your email (and everything else) that you can remember?
Experts advise that not only should you have a different password for every site, but also that you make your password as long as possible and change it regularly.
To make a password easy to remember, think of a sentence and change some of the characters (known as a pass phrase) using the following steps:
- Write a sentence that means something to you. For example: “I need to learn about the finance industry”. Then make the first letter of each word of the sentence a part of the password, in sequence, e.g. INTLATFI.
- Then make some of the letters lowercase/capitals, in a way that makes sense to you, e.g. INtLatFI.
- Then make a couple of the letters numbers (that are close to letters in your mind), e.g. 1NtL4tFI.
- If you want to make that password unique for each of many sites, you can add a word at the end, for example 1NtL4tFIfacebook, 1NtL4tFItwitter, etc. This is the only instance in which you should use complete words.
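A candidate password, including one built with the steps above, can be checked against the DO and DON’T lists automatically. The following Python check is an added example, not part of the original article; the `audit` function, the `WORDS` sample list and the pet name "Rex" are constructed for illustration.

```python
import string

# Passwords the article lists as most popular in the Adobe breach.
COMMON = {"abc1234", "password", "admin", "iloveyou", "aaaaaa"}
# Constructed sample list; a real check would load a full dictionary file.
WORDS = {"password", "finance", "summer", "dragon", "welcome"}


def audit(password, personal=(), used_elsewhere=()):
    """Return the DO/DON'T rules that `password` breaks (empty list = none)."""
    problems = []
    lower = password.lower()
    if len(password) < 8:
        problems.append("shorter than eight characters")
    classes = {
        "uppercase": any(c.isupper() for c in password),
        "lowercase": any(c.islower() for c in password),
        "digit": any(c.isdigit() for c in password),
        "symbol": any(c in string.punctuation for c in password),
    }
    problems += [f"no {name} character" for name, ok in classes.items() if not ok]
    if lower in COMMON:
        problems.append("on the most-popular list")
    # Substring match, so a word padded with digits ("summer2015") is still caught.
    problems += [f"contains the complete word '{w}'" for w in sorted(WORDS) if w in lower]
    problems += [f"contains public information '{p}'"
                 for p in personal if p and p.lower() in lower]
    if password in used_elsewhere:
        problems.append("already used for another account")
    return problems


if __name__ == "__main__":
    # Constructed samples: pet name "Rex", and one password already in use elsewhere.
    for candidate in ["password", "Rex2015!", "1NtL4tFI", "1NtL4tFI!"]:
        found = audit(candidate, personal=["Rex"], used_elsewhere=["1NtL4tFI!"])
        print(candidate, "->", found or "passes every check")
```

The worked example 1NtL4tFI is flagged only for having no symbol, which the "mix of all character types" rule asks for; the same password with a symbol added is flagged only once it is reused on a second account.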
As a final tip, never share your password. However, if someone absolutely has to access something using your password, write it on a scrap of paper and destroy it once transferred. Never share it via email, as then the entire process (items 1-4) is a waste of time.