Stump the Identity Thief: 7 Tips to Create a Strong Password

According to the Internal Revenue Service, identity theft and credit card fraud are growing global concerns. From phishing scams to sophisticated hacking rings, cyber thieves continue to develop creative ways to compromise your personal information.

Internet security can be tenuous and, at times, easily breached, and both the IRS and Federal Trade Commission recommend you safeguard your personal information with a strong password. Here are seven password tips that will help you stump an identity thief and keep your information and financial accounts protected.

1. Don’t use your dog’s name. The IRS suggests that you refrain from using any personal information in your password. That includes Social Security numbers, maiden names, birthdays, anniversaries, the names of children, pets, or anything else that can be guessed, researched or discovered by a hacker.

2. Make them hunt through the “haystack.” Steve Gibson, security expert and president of Gibson Research, suggests using a password that is long and contains upper-case and lower-case letters and special characters. Using various types of characters in a long password increases the number of combinations a hacker has to try in order to crack your password. Gibson likens these attempts to figure out your password to finding a needle in a haystack; so, to hide that needle, you should use more characters, and characters of different types, to make the “haystack” larger.

3. Old passwords = vulnerable. According to the United States Computer Emergency Readiness Team (USCERT), it’s a good idea to change your password on a regular basis, especially after accessing accounts via a public computer.  If you keep the same password to a certain website for many years, identity thieves have that much more opportunity to decode it. A rule of thumb is to change your password every 45 days. It’s especially important to change your password after using it on a public computer, because browsers on public computers can, in some cases, store your passwords, making them vulnerable to theft.

4. Try a pass phrase. If you feel your memory is sharp, then consider creating a pass phrase. A pass phrase is a long string of unrelated letters, numbers and punctuation marks. While a pass phrase can be difficult for a user to remember, this type of password is also very difficult to crack.

5. Use a sentence. If you don’t think you’re going to be able to remember a cryptic string of characters, one idea is to think of your password as a sentence and then use the first letter of every word, mixing in caps and lower-case letters and a few numbers that you can remember, as the actual password.

6. Memorize all passwords. Do not store the information in a wallet, in a purse or on a cellphone. If you need to write the password down, be sure it’s stored in a secure location.

7. Do not use the same password for work and personal accounts. In fact, the USCERT recommends that you use a different password for each website account you access. That way, if one of these passwords becomes compromised, the thief will not have access to a second account.

While identity theft and credit card fraud are a risk, you don’t need to feel vulnerable or unprotected. Use these seven tips to create a strong password, and you’ll not only stand a better chance of stumping an identity thief, but you could also give yourself greater peace of mind when it comes to Internet security.