With high-profile data breaches making headlines, protecting your identity is an ongoing concern. Cybersecurity experts at Generali Global Assistance, Florent Secula, COO, North America, and Paige L. Schaffer, president, Identity and Digital Protection Services, share their best practices for creating passwords and safeguarding your identity online.
Avoid The Obvious
“The password is an entry point to your personal life,” says Secula—however, passwords shouldn’t be personal. Information like birthdays and pets’ names is low-hanging fruit for hackers. So are real words in general, like “password,” which is one of the most commonly used. Think you’re creative? Not if your password ends in a number between 0 and 99.
Don’t Recycle Passwords
“Criminals have sophisticated algorithms that will hack your Yahoo account, your Facebook account, your Google account, and once they’ve got that same password, they’ll try to use it on all the critical sites,” says Schaffer. This is risky, as the average user has 26 accounts, but only uses five different passwords.
Passwords should be at least 12 characters in length and contain different “character classes,” such as uppercase letters, lowercase letters, numbers and symbols. Consider that an eight-character password chosen from all 95 characters on a standard keyboard is one of 6.1 quadrillion possible combinations.
Monitor And Update
Updating passwords every six months, using at least one credit-monitoring system to alert you to suspicious activity and ensuring that fraud alerts are activated for bank accounts are a few free and easy ways to limit liability.
As criminals become more sophisticated, you may want to consider other, more proactive layers of protection. “From a preventive standpoint, anti-phishing and anti-keystroke logging (which garbles your password immediately after it’s typed in) are a big deal,” says Schaffer.