Threats


Choosing a good password is vital to being secure online. Just follow a few golden rules, which a surprising amount of people ignore. Three of the most common internet passwords? 'password', 'monkey' and '123456'.



Why are passwords important?

We now use the Internet for a wide range of activities, including online banking, online shopping and online research. Increasingly, we’re also using the Internet to socialise. In the last few years there's been a massive growth in the number of social networking sites such as Facebook, MySpace, etc. We share all kinds of personal details as well as music, pictures, and videos.

Unfortunately, the more personal details we make available, the more exposed we are to online identify theft. Identity theft is when a criminal steals confidential personal data that lets them fraudulently obtain goods and services in your name. A cybercriminal could, for example, open a bank account, obtain a credit card or apply for a driving licence or passport. Or they could simply steal money directly from your bank account.

Given that passwords protect such valuable data, they're clearly very important. You should protect all your online accounts with passwords - but you must be careful when choosing them.

Passwords help safeguard you against identity theft. They make it harder for cybercriminals to profile you, access your bank account (or other online accounts) and steal your money.


Choosing a good password is an important part of lowering the risk of becoming a victim of cybercrime. The following guidelines should help you when choosing passwords for your online accounts.

How to choose secure passwords

Make your passwords memorable, so that you don’t have to write them down or store them in a file on your computer (remember, this file could be stolen by cybercriminals).
Don’t use real words that a hacker or cybercriminal can find in a dictionary.
Use a mixture of uppercase and lowercase letters, numbers and non-alphanumeric characters such as punctuation marks (although the latter are not always allowed).
Don’t recycle passwords, e.g. don’t use 'password1', 'password2', 'password3', etc. for different accounts.
If possible, use a passphrase, rather than a single word.
Don’t use the same password for multiple accounts. If a cybercriminal finds the password to one account, they can use to access other accounts.

How to keep your passwords safe

Don’t use obvious passwords that can be easily guessed, such as your spouse’s name, your child’s name, pet's name, car registration, postcode etc.
Don’t tell anyone your password. If an organisation contacts you and asks for your password, even by phone, don't give them any of your personal details. Remember, you don’t know who’s at the other end of the telephone line.
If an online store, or any web site, sends you an email confirmation that contains a new password, login again and change your password immediately.
Check that your Internet security software blocks attempts by cybercriminals to intercept or steal passwords.


When choosing passwords:

Make them memorable;
Keep them secret;
Don’t be fooled into disclosing them to seemingly legitimate organisations;
Mix uppercase and lowercase letters, numbers and non-alphanumeric characters;
Don’t use the same password for multiple accounts;
Don’t recycle passwords ('password1', 'password2', etc.).