Beware: Weak passwords still a leading gateway for criminals!
Your first line of defence on the web is creating the strongest password possible to protect your computer, your data and your online accounts. Hackers have become increasingly sophisticated at password “cracking.” What may have been considered a strong password a few years ago may now be an open door to your computer. If someone steals your passwords, they can use your name to open new credit card accounts, apply for a bond, or pose as you in online transactions. They can also access your email, instant messages, contact lists and other personal information.
A recently published international study by the CPP Group, a customer relationship firm which helps victims of identity fraud, showed some alarming results: In an internet savvy country like the United Kingdom, more than 18 million internet users are at risk of fraud because they use the same password for their online banking, shopping and social networking account.
Some 40% of respondents admit that at least one other person knows their passwords, and 39% think these people may have logged in using their details. Another 10% said their web accounts had been accessed illegally, with 18% of them saying goods were bought in their name.
The research also revealed that many internet users rely on passwords that are easy for criminals to guess. Nearly 20% of respondents said they use pets' names, 12% use memorable dates, 10% use children's names and 9% use their mothers' maiden names.
With globalisation rapidly increasing, South African internet users face the same threats of online criminal activity as our international counterparts. Creating strong passwords becomes just as, if not more, important in protecting ourselves from identity theft and fraud.
How to create a strong password
Make it difficult for automatic decryption tools or guess work to decipher your password:
- Avoid dictionary words in any language. Criminals use sophisticated tools that can rapidly guess passwords that are based on words in multiple dictionaries, including words spelt backwards, common misspellings and substitutions.
- Make it lengthy. Each character that you add to your password increases the protection that it provides. Aim to make your password at least 8 characters in length.
- Combine letters, numbers and symbols. The greater the variety of characters that you have in your password, the harder it is to guess or decifer using automatic password decryption tools. Make use of:
- Upper case (A-Z)
- Lower case (a-z)
- Numerals (0-9)
- Avoid sequences or repeated characters. ‘12345678’, ‘22222222’, ‘abcdefg’, or adjacent letters on your keyboard do not make secure passwords.
- Avoid using look-alike substitutions of numbers or symbols. Criminals and other malicious users who know enough to try and crack your password will not be fooled by common look-alike replacements, such as to replace an ‘a’ with ‘@’ or an ‘o’ with a ‘0’ as in ‘P@ssw0rd’. These substitutions can be effective when combined with other measures, such as length, misspellings or variations in case.
- Store passwords in a safe place. Be careful where you store the passwords that you record or write down and change your password(s) regularly. One of the most popular tools for password management is Roboform which not only takes the hassle out of logging in, but also encrypts and backs up your passwords. You can download it here: http://www.roboform.com/download.html
