Secure your passwords
Passwords are the first line of defence against cyber criminals. It’s crucial to pick strong passwords that are different for each of your important accounts and it is good practice to update your passwords regularly. Follow these tips to create strong passwords and keep them secure.
Use a unique password for each of your important accounts like email and online banking
Choosing the same password for each of your online accounts is like using the same key to lock your home, car and office - if a criminal gains access to one, all of them are compromised. So don’t use the same password for an online newsletter as you do for your email or bank account. It may be less convenient, but picking multiple passwords keeps you safer.
Keep your passwords in a secret place that isn’t easily visible
Writing down your passwords isn't necessarily a bad idea. But if you do this, don’t leave notes with your passwords in plain sight on your computer or desk.
Use a long password made up of numbers, letters and symbols
The longer that your password is, the harder it is to guess. So make your password long to help keep your information safe. Adding numbers, symbols and mixed-case letters makes it harder for would-be snoops or others to guess or crack your password. Please don’t use ‘123456’ or ‘password’ and avoid using publicly available information like your phone number in your passwords. It’s not very original and it isn't very safe!
Try using a phrase that only you know
One idea is to think of a phrase that only you know and make it be related to a particular website to help you remember it. For your email, you could start with “My friends Tom and Jasmine send me a funny email once a day” and then use numbers and letters to recreate it. “MfT&Jsmafe1ad” is a password with lots of variations. Then repeat this process for other sites.
Set up your password recovery options and keep them up-to-date
If you forget your password or get locked out, you need a way to get back into your account. Many services will send an email to you at a recovery email address if you need to reset your password, so make sure that your recovery email address is up-to-date and an account that you can still access.
Sometimes you can also add a phone number to your profile to receive a code to reset your password via text message. Having a mobile phone number on your account is one of the easiest and most reliable ways to help keep your account safe.
For example, service providers can use the phone number to challenge those who try to break into your account, and can send you a verification code so that you can get into your account if you ever lose access. Giving a recovery phone number to Google won’t result in you being signed up for marketing lists or getting more calls from telemarketers.
Your mobile phone is a more secure identification method than your recovery email address or a security question because, unlike the other two, you have physical possession of your mobile phone.
However, if you can’t or don’t want to add a phone number to your account, many websites may ask you to choose a question to verify your identity in case you forget your password. If the service that you’re using allows you to create your own question, try to come up with a question that has an answer that only you would know and isn't something that you've posted about publicly or shared on social media.
Try to find a way to make your answer unique but memorable - you can do this by using the tip above - so that even if someone guesses the answer, they won’t know how to enter it properly. This answer is very important for you to remember - if you forget it you may never be able to get back into your account.