Identity Theft - Protect Yourself on the Net
|Published: 15th January 2010 07:41|
Identity Theft is a Growing Concern - But Preventable When Internet Surfers Follow Some Simple Guidelines
Identity fraud cases in the UK have increased by 74% compared to last year. These alarming figures come from the latest survey by the UK fraud protection service CIFAS. Clearly ID theft is a growing problem and is being intensified by the speed and availability of information on the Internet; as we need to remember more and more usernames and passwords to access various accounts, we are becoming increasingly less careful when choosing our user name/password combinations.
Identity thieves are primarily after one thing, your passwords. Once the culprits collect your passwords, they gain access to your accounts, steal your identity and use the information for personal benefit.
We examine some of the best and worst password practices below and provide some simple, easy-to-follow ideas on how you can improve the security of your digital identities.
What We Typically Do Now
Most of us choose a simple word that is easy to remember, such as our:
- name or initials
- child's name
- pet's name
- favourite sport
- favourite team
Although this is a common practice for most of us, it should be avoided. Hackers can guess these passwords if they know some basic personal information about us, or are armed with the most simplistic password hacking programs.
Other bad password management practices to avoid at all costs include:
Don't use dictionary words, proper nouns, foreign words or backwards words. Most hacker programs will easily crack these password codes.
Don't use personal information in your passwords such as your name, child's name, occupation, telephone number, ID number, address or birth date.
Don't share your password with anyone! Not with your spouse, parents, siblings, significant other, secretary, boss, or colleague.
Don't write your password on a Post-it and stick it on your monitor or any other easily accessible location. In fact, you should not write down your password anywhere.
Don't save your password as part of an automatic login script if anyone else has access to your computer.
Don't rely on Internet Explorer's AutoComplete function. This is an insecure method of storing your passwords on your computer.
Don't allow a web site to store your password. Almost every web site offers to store your passwords so you won't need to retype it each time. There are three main reasons for this. First, passwords saved in these programs are not secure and can be read and used by anyone with access to your computer. Second, hackers are increasingly gaining access to servers, where your passwords are stored. And third, if you decide to delete your cookies, many sites will not allow you access forcing you to go through the time consuming process of requesting and resetting your password.
Don't keep a record or list of your passwords in an unencrypted file on your computer where it is susceptible to hacking.
Don't choose or change your passwords on a public computer or in a public place such as an Internet cafe.
Don't use the same password on multiple accounts.
Don't use some of the most common passwords used such as:
Good Password Management Practices
Perhaps the single most important thing to remember when creating a new password is to make the password hard to guess, but easy to remember. That's easier said than done, but if you follow some of the guidelines below you will start using passwords that are more secure.
A good password is any combination of letters and numbers that cannot be found in a dictionary. Your password should be at least 6 to 8 characters long and should not have any personal information such as your name, child's name, occupation, telephone number, address or birth date. A combination of letters, numbers and symbols will work best. Make sure you use a mix of capital and lower-case letters to make your password even more difficult to crack.
Change your password regularly - once every three months at a minimum.
Always log off when you have finished using a site and close your browser to prevent others gaining access to any personal details online.
Make your existing passwords more secure. There are several techniques you can use to make your existing passwords more difficult for hackers to crack. Whatever method you choose you should remember to make it an easy and understandable method so you will have stronger passwords without much more effort.
1. Use the first letter from every word in your favourite expression, or line in a story, poem or movie. For example, "A bird in the hand is worth two in the bush," could lead you to the following password: ABinHiWTitB.
2. Choose a word as your password, but then substitute similar looking numbers for letters in your passwords. For example, Football may become F00t8a77. Here is a sample list of numbers that could be substituted for letters:
You don't need to associate every number with a letter. What is important is that you remember your list of associated letters and numbers.
3. Choose a password that you want to use and then come up with a keystroke mapping system. For example, if you choose to do an "upper-left" keystroke system you would choose the letter to the upper-left of the actual key you wanted. So if your password was qwert (not recommended) your new password would be 12345 (also not recommended). If the word you wanted to use for your password was football, your keystroke password would be r995gqoo. It sounds complicated, but you need to look at your keyboard anyway, why not just choose the letter to the upper-left, left, or lower-right of the word you choose to remember.
There's no substitute for remembering every combination username and password, but when you find that this becomes overwhelming, instead of lowering your password management standards, invest in a secure password management program,such as RoboForm, which will securely remember and encrypt your passwords, or generate new difficult-to-hack passwords for you.
In today's increasingly digital world we need a password or PIN everywhere and, let's be honest, remembering all our passwords is no easy task. Often, instead of keeping up good practices, we tend to be a little careless so that we are able to remember our passwords. We do this knowing that we are increasing our risk of exposure, but the alternative can be overwhelming.
However there are a few easy ways to make your passwords and digital identity more secure. Most of them are easy to implement yourself, but if you find that good password management techniques are still too difficult to practice, you should invest in a product that can help. A small investment of your time today will help prevent theft and identity loss tomorrow
About the Author
Bill Carey is the Vice President of Marketing and Business Development at Siber Systems. Siber Systems creates and markets a wide range of software to both professional programmers and the general public.
RoboForm will securely remember and encrypt your passwords on your computer in an encrypted Passcard file. It allows you to then use those Passcards to log into websites with one-click. The program uses some of the strongest encryption methods available including AES, Blowfish, and RC6.
If you are having difficulties generating strong passwords, RoboForm will generate and store difficult-to-hack passwords for you. The password generator can be customised to fit your needs including generating random passwords of any length, up to 512 characters. Other password generator options include:
- A user can specify a set of characters to appear in the password, including special characters
- The ability to exclude similar characters
- An option to generate hexadecimal passwords
RoboForm also helps defeat phishers and key loggers. RoboForm requires a stored URL to match an online URL to automatically log-in a user to a website. If a potential victim routinely uses RoboForm to log-in to websites, they will not be able to log-in to a fake site because the URLs do not match. Users will be tipped off, exposing the fake web site as a phishing scam. Also, by using RoboForm to log into your web sites, you bypass the keyboard making it impossible for keyloggers to steal your passwords and other personal identification
Don't be a victim!
JETtech offers a local IT solution to help protect your computer from hacking, scamming and viruses and hidden application that leach your personal details.
The number of poisoned websites is growing at an alarming rate, seemingly innocent websites have hacked code that is designed to annoy you into submission or purchasing unnecessary applications that do nothing or worse damage or compromise your computer and your privacy.
Remember the golden rule when storing any data - have it in two or more places be it files, photos or accounts or even God forbid all of your music! All hard drives will fail - it is just a case of when. Make sure you dispose of old drives effectively, wipe them first if possible or smash them before recycling them.
We recommend and use RoboForm ourselves and are a registered AVG distributor and data protection specialist.
You do not always need to take your computer to JETtech as they can remotely connect to your PC securely ensuring your continued privacy whilst resolving your IT issues.
Please contact them on 020 7558 8372 for support on all your IT issues.