As we start the new year, we should all commit to taking the steps necessary to be more secure both in our online and offline dealings. Throughout the year we will be providing advice and tips about how you can protect yourself from scams and identity theft.
We all have many devices and online accounts that require a password. While it is always a good idea to use dual factor authentication and other security enhancements when available, a good, strong password is still at the core of protecting yourself in the digital world. Unfortunately, too many people use common passwords that are too easy for an identity thief to guess and this can lead to identity theft. In addition, many people use the same password for each of their online accounts which puts them in jeopardy when a data breach at just one place provides the password to all of his or her accounts to a cybercriminal.
Each year the company SplashData does a study of the worst passwords commonly used. These passwords become available through data breaches and can be found on the Dark Web, that part of the Internet where criminals buy and sell goods and services. For 2017, the most common poor password was “123456,” which was also number one in 2016. “Password,” was the second most common poor password. “Football” was number nine; “iloveyou” number ten and, new to the list this past year was “starwars” which came in at sixteen and “whatever” which came in at twenty-three. Another new addition was the twenty-fifth most common poor password, “trustno1.” All of these are tremendously poor passwords that can result in your easily becoming a victim of identity theft.
This list represents another warning that you should have a unique and distinct password for each of your online accounts.  This is not as difficult as it may appear.  You can start with a strong base password constructed from a phrase, such as IDon’tLikePasswords and then adapt it for each account you have so that you will have a secure and easy to remember password for each of your online accounts.   Thus, your Amazon password could be IDon’tLikePasswordsAMA.
Whenever possible use dual factor authentication for your accounts so that when you attempt to log in, a one-time code will be sent to your smartphone to insert in order to get access to your account.  For convenience sake you can set up dual factor authentication so that it is only required if you are logging in from a different computer or device than you normally use.