Expert Tips to Help You Practice Good Password Hygiene

Estimated Reading Time: 4 Minutes

One of the best ways to do your part and #BeCyberSmart is to protect your identity by following good cyber hygiene practices. The term cyber hygiene refers to ways we can reduce our risk of hackers gaining access to our personal information that’s stored online, lowering our chances of becoming victims of identity theft and fraud. Hackers acquire passwords through techniques such as data breaches, brute force cyberattacks, and credential stuffing. Although sophisticated attacks are often outside of our control, there are a number of things that we, as individuals, can do to safeguard our identity – and keep the hackers at bay!

Here are the DOs and DON’Ts of maintaining good password hygiene:

The DOs

• DO use strong passwords. Use a combination of letters, numbers, and symbols (setting permitting) that is not easy to guess. Create a password that is at least eight (8) characters long and unique to you.
  
  
  
  
• DO use multi-factor authentication (MFA). Establish two types of verification whenever you have the option to do so. This feature is generally found under the “Settings” or “Security” tabs on devices. Taking this extra step in the short term to protect your devices will help tremendously in the long term.
• DO verify the site is secured before submitting your password. Look for “https:” at the beginning of the url when you are setting up new accounts requiring passwords. Make sure the url is accurate, does not contain any typos, and that the site is secure. If it looks sketchy, it probably is! Trust your instinct.
• DO change your password regularly. The more often you change your password, the better off you will be. Be sure to also change it whenever you hear about a data breach involving a company you do business with to avoid identity fraud. Stay ahead of the game!
• DO report suspicious activity immediately. If you suspect you’re a victim of identity theft, be sure to report the incident to IdentityTheft.gov and/or ReportFraud.ftc.gov. You should also notify the institution/organization where you suspect the fraud happened, get copies of your credit report, and consider placing a fraud alert on your credit reports.
• DO protect yourself. Consider enrolling in a comprehensive identity and cyber protection program to protect your identity and devices. Contact us to learn if your trusted financial institution, insurance carrier, or cybersecurity provider offers Iris On Watch today. Iris powered by Generali has your back 24/7/365!

The DON’Ts

• DON’T share passwords. The only person you can fully trust to safeguard your password is yourself. You cannot ensure someone else will take care of your information, and, unfortunately, friends are friends until they are not!
• DON’T use passwords that use personally identifiable information (PII). You should never include PII (i.e. SSN, phone number, name, names of friends/family members, etc.) in your password for two reasons – 1) it can make your password easier to guess and 2) if your password is exposed, your PII will then also be exposed, thereby giving hackers even more information and ways to assume your identity.
• DON’T use dictionary words in/as your password. If your password contains common words and is easy to remember, it will also be easy to guess. Don’t make it easy for hackers to use a dictionary attack!
• DON’T think you are invincible. Unfortunately, identity theft happens at an alarming and increasing rate. In 2020 alone, 49 million Americans were victims of identity fraud, losing a total of $56 billion. Just as you take care of your physical health, be sure to take care of your cyber health before it’s too late!