Seven common password mistakes and how to avoid them

It seems everything you do online these days requires a password. Once upon a time, creating an online password was easy. All you had to do was think of a word that meant something to you – perhaps your pet’s name or your favourite sporting team.

Then word got out that hackers were taking advantage of simple passwords to gain access to private and personal information. Many people give little thought to their passwords, creating short, easy-to-remember passwords that can be defeated by hackers in mere seconds. 

It pays to get your password right and create a password that greatly reduces the chance of your online accounts being hacked.

Saga Home Insurance provides cover that goes beyond what you might expect. For more information and to get a quote click here.

Here are the common password mistakes to avoid…

1. Using your personal data

Many people create passwords based on personal information that’s all too easy to find out.

Never use a password that includes personal details, such as your birthday, your address or the names of your spouse, pet or children. Avoid giving out information such as your first car, the street you grew up on or your first pet's name on viral social media posts requesting what appears to be mundane personal information – you have no idea who might see that information and what they might do with it.

Is it safe to leave your phone charging overnight?

2. Using common passwords

They may be easy to remember but passwords such as ‘123456’ , ‘abcdefg’, ‘qwerty’, ‘letmein’ and ‘password’ top the list of the most common passwords people use – and are the first passwords even a novice hacker will try. 

Don’t grab a dictionary to choose a password either. Hackers can quickly check hundreds of thousands of entries in seconds using software. Choose a complex, random password that uses a mixture of letters, numbers and special characters.

Eight warning signs that your identity has been stolen

3. Making your password easy to find

Jotting down your password on a post-it note or piece of paper and keeping it next to your computer is a bad idea – it’s like leaving your front door key in the lock. 

Choose passwords that are memorable enough that you don’t need to write them down, but if you must, then keep them in a secure location away from your computer or use a password manager.

Nine essential iPad and iPhone security tips

4. A password that's too short

The shorter your password, the less secure it is. 

Hackers use software to crack passwords and the longer it takes, the more likely they are to give up and move on to easier prey.

Each additional character in your password dramatically increases the time it takes to crack. So use a password with at least eight characters, although 12 or 14 characters are better. 

Don’t simply add a couple of digits to the end of a password to lengthen it as hackers expect this. It's best to scatter numbers throughout the word.

Saga Home Insurance provides cover that goes beyond what you might expect. For more information and to get a quote click here.

5. Not complex enough 

Avoid using passwords containing all letters or all numbers, especially if sequential, such as ‘1234abcd’. 

Make sure your password includes both upper and lower case letters, numbers and keyboard symbols. 

However, avoid common patterns easily spotted by hackers, such as putting two or four numbers before or after the letters or adding just one symbol, such as ‘!’, at the end of the password.

Try creating a code that only you could understand the logic behind - for example, swapping out every vowel in your password for the numbers of your birth date.  

What are cookies?

6. Using an old password

Using the same password for years can be a mistake as someone may acquire your password and use it to snoop or steal over an extended period of time. 

Regularly changing your password prevents this from happening; however creating a strong but memorable password each time can be challenge, so consider using a password manager.

Be wary of callers who claim your PC is broken or has a virus. Find out more...

7. Using the same password

Using the same password for multiple accounts poses a security risk. If a hacker cracks your password, he can then access all your other accounts that use that same password. 

Always use a unique password for each of your online accounts. To get an idea of whether any of your old accounts have been hacked visit Have I Been Pwned? (haveibeenpwned.com) and enter your email address. This will let you know whether that account is on lists of data from compromised websites, and what information they have about you. 

Tips for creating secure passwords – and remembering them

If you have a good memory, you might be able to remember one or two more complex passwords for accounts you use regularly, but most of us now have multiple accounts that require this security measure.

How can you possibly remember online passwords if they look like S!3x@7yp? Fortunately, it doesn’t have to be quite so complicated.

Experts agree that you should follow three rules when choosing passwords:

• Each password should be different
• Passwords should not be related
• Passwords should be difficult for others to guess

Let’s say you’re trying to think of a password for your Facebook account.

What image comes to mind when you think of the letter F? It could be a favourite thing or an old friend, as long as it is not something people can easily find out about you (such as the name of your parents, siblings, spouse, children or pet). Who was your best friend when you were a child? “Jeff!” And what year was he born?

If it was 1961, “Jeff!1961!” would be a reasonably secure password you can probably remember and associate with your Facebook account.

If you’re still not satisfied, you can throw in an extra number, symbol or letter. J is the 10th letter of the alphabet, so you might want to use “10eff!1961!” instead.

The trick is to make the password meaningful to you but gibberish to anyone else.

Storing passwords securely

You’ll probably remember a couple of your most frequently used online passwords, but if your list grows to an unmanageable level, don’t be tempted to jot them down on your phone or computer.

If your computer or mobile device gets hacked, the hacker will have access to all of your online passwords – it’s a recipe for disaster.

The best way to store passwords online is through a secure password manager. Three of the best known password management sites are KeePass, Password Safe and Roboform. Roboform has a monthly cost while KeePass and Password Safe are free.

On all password managers, you only have to remember one ‘master’ password to gain access to all your online passwords.

Just remember to update it regularly to ensure you’re using the latest security features. (It will probably remind you!)

There are no guarantees, of course, but by being clever about your online passwords it’s an issue you shouldn’t have to worry about.

Subscribe today for just £34.95 for 12 issues...

Subscribe today and save 51%