Home » Current Focus » Online Safety Series » Password Hygiene
Did you know that most people use the same password and username across up to seven different accounts?
The most hacked passwords contain 12345,” “123456,” “123456789,” “abc123,” “1111111,” and even the term “password.” If you have ever used these combinations in a password this article will help you create more robust and safer passwords.
We all know that password security is so important when dealing with cybercrime. However, people are not taking it seriously enough! Good password hygiene is a security practice everyone can implement to protect themselves from cybercriminals. Password hygiene is creating passwords that are difficult to guess and unique for each account. It also includes avoiding passwords that are easy to recall like the ones mentioned above and keeping your passwords private. Cybercriminals that obtain your password, can access your personal information leading to monetary loss and identity theft in many cases.
- Guessing- if your password is too simple a scammer may be able to guess it. If your password consists of personal information, such as your birthday or name itself, someone who has access to your social media may be able to guess it.
- Brute force- A software program designed to hack passwords, which can confirm simple passwords in just minutes. However, longer passwords with a combination of upper/lower case and symbols will be much trickier for a computer program to hack.
- Manipulation /Social Engineering- encompasses a wide range of tactics whereby individuals are manipulated into giving up their confidential information. Similarly known as Phishing and baiting.
- Website hack- if a website experiences a data breach, your information could be leaked. If this does happen, you must change your password straight away. If you have used the same password for other accounts, you must change them too.
An example of this is when you receive an email from what looks like a reputable organisation, for example, a bank with a link to verify your account. By clicking on the link and entering your password, you are unknowingly giving over your password information to a scammer.
That is why your bank will never contact you via email or text asking you to verify your details
”At BankVic we are committed to supporting our members and their security. We offer passwords of up to 30 characters and they must include a combination of alpha and numeric, upper and lower case characters. We would never ask our customers to confirm personal information via email”
- Avoid reusing passwords- even if it is a strong password, you must use different passwords for each account. If you do not, you can make it easier for scammers to hack into more than one account.
- Use two-factor authentication- this involves a two-step process to login into an account. You receive a one-time password via phone or email to verify it is you accessing the account.
- Use a password manager- this will help to create strong passwords and store them so that you only need to remember one password to access the password manager.
- Use a personal and work email account- it is a clever idea not to mix your email and work email accounts. Having one email account could result in a big data loss if you are hacked by a scammer.
- Use antivirus and malware software- on all devices. Ensure you regularly update these applications to keep the protection current.
When thinking about making your passwords as hard as possible to crack, using a paraphrase that is easy to remember could be a smart idea. For example, a quote, including lower case, upper case, symbols, and numbers would meet complexity requirements. Password hacking tools break down at 10 characters!
By applying these simple password hygiene practices, you will make it extremely hard for a cybercriminal to hack into your account.
Now change your passwords if you have not done so in the last 3 months!
We’ve partnered with BankVic to help keep our community safe from scams and criminal activity while online! Stay up to date with the latest tips and information in one convenient place, empowering you to prevent online crime and outsmart scammers. Together, we can create a safer internet for everyone!
Read articles here.
Been scammed?
Step 1
If you have given any financial details or have already lost money, contact your bank immediately.
It’s also important to change your passwords, monitor your accounts closely, and consider placing a fraud alert on your credit file.
Step 2
Report the scam to police at cyber.gov.au or at your nearest police station.
Additionally, report the scam to Scamwatch and your local authorities to help prevent others from falling victim.
If you think you have been scammed online, IDCARE can help for free! Call 1800 595 160 or visit their website www.idcare.org
Step 3
Getting scammed online does not mean you are not smart. Cybercrime keeps changing, so anyone can be a target. Do not be embarrassed or hard on yourself! Learn about new scams and take steps to stay safe instead.
If you need support after falling victim to a scam talk to friends and family or contact:
Lifeline: 13 11 14
Beyond Blue: 1300 22 4636
Step 4
If you have given any financial details or have already lost money, contact your bank immediately.aFinally, talk about different types of emerging scams and if you have been scammed share your experience with family and friends so they can better recognise the signs of scams.
Smart Scam Guide
Download a comprehensive guide to spotting scams. Download to learn about the most common scams and what to do if you have fallen victim to one.