Action Line: Protect your online passwords from identity theft
| Friday, Jun 04 2010 10:30 AM
Last Updated Friday, Jun 04 2010 10:30 AM
Editor's note: Action Line is a weekly column from the Better Business Bureau answering consumers' questions and concerns about money and business issues.
Dear Action Line:
I consider myself fairly knowledgeable about the Internet. I do online banking and make frequent retail purchases through online catalogs. I pay my bills from the comfort of my home and I exchange e-mail with all my friends and kids. I even have a Facebook page. But my son says I am wide open to identity theft. To prove his point, he easily obtained entry into my bank account, Facebook page and my e-mail account. I thought I was being careful, but now I am afraid to conduct any business online. What should I do?
Dear Reader:
Don't feel too badly. You are no different than many thousands of other online users out there in cyberspace.
Why did your son think you were at risk for identity theft? He made the same assumption that most identity thieves make: we are creatures of habit who frequently take the path of least resistance. Rather than remember multiple user names and passwords, we tend to use the same ones over and over again. And, just like you, most people pick user names and passwords that are short and easy to remember without prompting. For example, you used your first initial and last name as your user ID for all your accounts and your wedding date as your password.
It is important to pick a strong password. A good password is something known only to you (the name of your first grade teacher followed by the year you were in first grade or graduated grade school; the name of your first crush) and easily remembered so there is little or no need to write it down. Strong passwords also contain a mix of upper and lower case letters as well as numbers and non-alphanumeric characters (!@#$%^%^&*).
If your e-mail program supports pass phrases, think of something like "I saw my first circus when I was 8 years old." Or create a new, nonsensical "word" by using the first letters of the words in the sentence: IsmfcwIw8yo. Add complexity by using your favorite non-alphanumeric characters after a nonsensical word.
Want to see how secure your password really is? Try inserting it into this site to see how your password scores: https://www.microsoft.com/protect/fraud/passwords/checker.aspx.
It means more for you to remember, but you should have different passwords for different accounts for further safety.
If you sell your computer or replace its hard disk, you'll need to delete the password file, and then use a file-wipe utility to permanently erase the drive so that the new owner can't restore your password file.
Vickie Sanders is assistant director of business services for the Better Business Bureau serving Central California. Send your consumer concerns, questions and problems to Action Line at the Better Business Bureau, 1601 H St., Suite 101, Bakersfield, CA 93301 or vickie@bbbcencal.org.
