When creating online accounts, for any reason, it is important to use a strong password. When the Identity Theft Resource Center says strong password, we mean unique and un-guessable.
When possible, enable two-factor authentication on your accounts to minimize risk in the unfortunate event of someone obtaining your login information.
The ITRC also recommends choosing security questions where the answers are not easily attained via an internet search. For example, your mother’s maiden name is public record and should not be used as a security question or answer.
When setting up an account, the ITRC recommends the following guidelines to create a strong password:
- Use at least 8 characters
- Combine upper and lower case letters, numbers and special characters. Avoid using one capital letter at the beginning of the password as that is a common, guessable practice
- Consider using a phrase or short sentence
- Do not include part of your username or email
Creating a strong password is not always enough. You should also use the following best practices:
- Use a different password for all sites Ð even for the sites where you feel privacy is not an issue. By using the same passwords across multiple accounts, you leave your information vulnerable to credential stuffing.
- Do not trust a third-party person or company with your passwords. If you decide to sign up for a password management service, make sure to do your research. Ensure that your account password is extremely strong and that you always sign out when finished.
- Never write your passwords down in an unprotected location
- Do not store passwords on your phone or computer
- Do not let your browser save passwords or autofill information on your behalf
If you have questions or concerns about the use of your password, call an expert advisor for no-cost at 888.400.5530 or LiveChat with us.