Skip to content Skip to footer

One of the best ways to protect yourself from having your information hijacked is to make sure that you are being smart about your password creation. While requirements like password length and special characters might be annoying, they are actually there to encourage you to create a strong password to protect data. Below are some tips to make sure the passwords you are creating are passwords that will protect against information ending up in the wrong hands.

1-      Be creative.

Try thinking of a phrase and then replacing the vowels with a number or special character. For example, “I love chocolate” could be “*l(v#ch(c(l!t#”. I chose to replace the vowels with the special character directly above and to the left.

2-      Be an overachiever.

Try to go above and beyond the minimum requirements. If you are required to use at least 8 characters, try to come up with a password that has 12 characters with two numbers and two capital letters.

3-      Don’t recycle.

When prompted to change your password don’t just change the number at the end or use a password you have for another account. It is best practice to recreate a new password each time. If your last password reminded you of a baseball team then maybe try a vacation for the next password.

4-      Don’t be predictable.

Avoid using names, common industry terms and addresses in your password. You should also try to avoid using capital letters at the beginning and special characters and numbers at the end of your password.

5-      Don’t share.

No matter if you are talking to someone on the phone, texting them, or sitting right next to them, there is always the possibility of the information you are sharing to be intercepted. Take care to keep your passwords protected.

6-      Educate yourself.

Try to stay current on the latest hacking tactics, mainly phishing. Phishing is when a hacker sends out emails that appear to be from a trusted site like PayPal or Amazon. These emails look real and will often prompt you to verify your login information on what looks to be the sender’s login page, when in reality it is not.