The Federal Trade Commission reports that nine million Americans experience identity theft each year – a crime that can lead to everything from Social Security fraud to a drained bank account. Identify theft can start with a weak password, since hacking into an online account can lead to bank account information and other personal details such as birth dates and credit card numbers. Even hacking into a Facebook account can result in major fraud, as some Facebook users experience when hackers break into their accounts to impersonate them and solicit funds from friends.
Consumers play a big role in protecting their online accounts. Ignoring emails from strangers, never clicking on unfamiliar hyperlinks and using virus-protection software on smartphones and other mobile devices are just a few of the basic steps we should all be taking. Choosing secure passwords is one of the simplest strategies to an overall theft-resistant online existence.
The firm myID.com, which provides identity protection services, offers these seven tips for choosing a password that no one – person or machine – can guess.
1. Skip the obvious, simple words. "Words that you can find in a dictionary, even if written backwards or in another language, or with a simple number following the word are definite no-nos," warns the company. That's because hackers use software that automatically checks for commonly used words.
2. Avoid personal details. Stay away from any personal information, such as birthdays, sports teams or children's names. Anyone who knows you personally – or can find such information about you through social networking sites – will be able to make a reasonable guess at your password.
3. Go long. Longer passwords (more than eight characters) reduce the chances of a hacker making a correct guess. That's why many online companies require passwords to be at least eight characters long.
[Read: How to Avoid Online Ticket Scammers.]
4. Use those old elementary school memory tricks. If you want an easy way to remember a complicated password, try making up a sentence about it. For example, "I love my dog Harry so much" can translate into the hard-to-guess password "ILMDHSM."
5. Change often. Switch passwords as often as you change your air conditioning filter. That's about once a month for online financial accounts. Other accounts should be changed every three to four months, according to myID.com.
6. Be original. Repeating the same or similar passwords across many accounts might make them easier to remember, but they leave you vulnerable, since a breach in one account can quickly lead to a domino effect of multi-account hacking.
7. Don't share. Keep passwords to yourself and try to avoid storing them on your computer or smartphone where others could see them, including hackers. MyID.com says they belong in your head or a locked safe.
Following all these rules can be cumbersome, but when it comes to protecting your finances and identity, it's worth the effort.