10 ways to scam-proof your password

23 November 2011

Although no password is completely unbreakable, by following our quick and simple tips you can give yourself a better chance against the fraudsters and lower the risk of your account being hacked.

1. Choose a long password

The longer the password, the harder it is for a fraudster to guess; the ideal length is between 10 and 16 characters. Many websites automatically ask for a password with a minimum or maximum number of characters - always try to go for the maximum.

2. Mix & match

Try to make it as complicated as you can remember and include letters, punctuation, symbols and numbers. Use the entire keyboard, not just the letters and characters you use or see most often - the greater the variety of characters in your password, the better.

However, password hacking software automatically checks for common letter-to-symbol conversions, such as changing "and" to "&" or "to" to "2".

3. Change it on a regular basis

Keep it varied and change it often. Set an automatic reminder for yourself to change your passwords on your email, banking, and credit card websites at least every three months.

4. Don't use the same password for everything

Although it may be tempting to use the same password for everything, cybercriminals know this: they usually steal passwords from websites with very little security, then try the same username and password in more secure environments, such as banking websites.

If you want to check just how secure your chosen password is, use a free tool like the Microsoft password checker (microsoft.com/security/pc-security/password-checker.aspx).

5. Pick one you won't forget

Don't make your password too difficult to remember, and if you struggle to remember it, create a memory device to trigger it. Phrases tend to be more secure than single words.

Try choosing a sentence from your favourite song, poem or book, but mix it up by creating a password using the first (or even the last) letter from each word.

6. Don't use a single word

Never use a single word you might find in the dictionary in any language. Hackers often use an automated program - known as a 'dictionary attack' - to try every word in the dictionary. Also avoid using common sequences or repeated characters, such as 12345678, 222222 or abcdefg.

7. Unclick the remember option

Don't allow your computer to remember your passwords. Even if no one else uses your computer, if it is stolen the thieves will be able to access your private information and even hijack your identity.

8. Mix different types of characters

Take advantage of the shift key; use the available characters - such as > or % - in addition to numbers and capital letters. Mixing different types of characters will make your password much more secure.

9. Don't be too obvious

Be careful about picking passwords that could be easily obtained by fraudsters - for example, your mother's maiden name, your home address or your date of birth.

10. Go random

Some of the most successful passwords are made up of four separate words with no link to each other.

Andi Hindle, spokesperson for Ping Identity, says: "There are no uncrackable passwords, but by choosing four random words, such as 'pink, chestnut, gin, barley,' you can create a password that is mathematically the hardest to guess." Remember, these are usually not allowed by certain systems that impose a character limit and require a mixture of letters and symbols, so try shortening the words.
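The checks described in tips 1, 2, 6 and 8 can be automated. The following Python is an added example, not part of the original article or of any tool it mentions: the thresholds, the sample word list and every substitution other than "&" and "2" are assumptions.

```python
import re
import string

# Assumed thresholds and data; only the 10-character floor comes from tip 1.
MIN_LENGTH = 10   # tip 1: ideal length starts at 10 characters
MIN_CLASSES = 3   # assumption: at least 3 of lower/upper/digit/symbol
MAX_RUN = 3       # assumption: 4+ repeated or ascending characters is a pattern
WORDS = {"password", "monkey", "sandwich", "tomorrow"}  # constructed sample dictionary
# "&" -> "and" and "2" -> "to" are the article's examples; the rest are assumed.
SUBS = {"&": "and", "2": "to", "@": "a", "0": "o", "1": "l",
        "3": "e", "$": "s", "5": "s", "7": "t"}

def char_classes(pw):
    """Count how many of the four character classes appear (tips 2 and 8)."""
    patterns = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^a-zA-Z0-9]")
    return sum(bool(re.search(p, pw)) for p in patterns)

def longest_run(pw, step):
    """Longest run where each character is `step` code points after the last:
    step 0 finds repeats (222222), step 1 finds sequences (abcdefg)."""
    best = cur = 1
    for a, b in zip(pw, pw[1:]):
        cur = cur + 1 if ord(b) - ord(a) == step else 1
        best = max(best, cur)
    return best

def candidates(pw):
    """Reduce the password to its base word: drop trailing digits and symbols,
    then undo the common letter-to-symbol conversions."""
    core = pw.lower().rstrip(string.digits + string.punctuation)
    return {core, "".join(SUBS.get(c, c) for c in core)}

def check_password(pw, words=WORDS):
    """Return the weaknesses found; an empty list means none of these checks fired."""
    issues = []
    if len(pw) < MIN_LENGTH:
        issues.append("short")
    if char_classes(pw) < MIN_CLASSES:
        issues.append("low-variety")
    if max(longest_run(pw, 0), longest_run(pw, 1)) > MAX_RUN:
        issues.append("sequence-or-repeat")
    if candidates(pw) & words:   # tip 6: base word is in the dictionary
        issues.append("dictionary-word")
    return issues

if __name__ == "__main__":
    for pw in ("12345678", "P@ssw0rd2011", "2morrow!!", "gT7>kw%Rz4qL"):
        print(pw, check_password(pw))
```

An empty result only means these four checks passed; it does not cover reuse across sites (tip 4) or personal details (tip 9).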
