This is the second article in our online security series – and it’s about passwords.
Using strong passwords is essential when it comes to protecting yourself online. Our Security Administrator has the following advice:
- 1. Never type your password unless the URL begins with https://.
- 2. Do not use the same password and security questions more than once.
- 3. Do not use simple/dictionary passwords (names, songs, movies, actors, latin names etc). Be smart and use a poem, proverb or phrase to create password. For instance, if you use, “I stand amid the roar Of a surf-tormented shore”, take the first letter of each word, and you get: IsatrOas-ts. You can always add some random characters as a prefix and suffix to be extra safe: .IsatrOas-ts,#. If you need any help generating a secure password, there are also sites that can do this for you – Norton is one of them.
- 4. Do not change your password by simply adding the next number at the end (eg IsatrOas-ts,1 –> IsatrOas-ts, 2 or IsatrOas-ts,1). These are too easily guessable.
- 5. If your account is ever compromised, change your password and security questions.
- 6. Never send your passwords and PIN number via email. Banks and other websites will never ask you for this information via email. If you receive an email that looks like a valid email from your bank and there are links to the login page, always be sceptical and verify the link carefully.
- 7. Use two-factor authentication to reduce the possibility of unwanted access to your account. Two-factor authentication adds an extra layer of security to your accounts – as well as your username and password, you’ll be asked for a piece of information that only you know in order to log in (eg a code that will be sent to your phone). Most of the main sites have implemented two-step verification (eg Google, Twitter and PayPal). And if you use a service like LastPass to store all your passwords, you should definitely use it with two-step authentication.