James Walker: Make passwords and PINs fit for purpose

I get loads of people asking me about fraud and how to avoid it. A cynic might say 'trust people less', but that's a bit of a downer. In fact, the best thing we can all do to keep our private information safe is to take a fresh look at the online passwords we use.

Easy Password Concept on Laptop

How not to do it

I asked the team at Resolver about some of the big password fails that they had encountered, and PIN codes provided some extraordinary examples. One woman had written her PIN on the back of her debit card. Another person contacted us to complain that their bank had repainted the building and he couldn’t read the code which he’d written on the wall.

These might seem extreme, but lots of us have a Post-it note with our PINs written on it in our bags or wallets. If this gets pinched and your account is broken into, you won’t get a refund if your bank thinks you’ve been “reckless” (we can help you with that, by the way).

Picking a password

Remembering passwords is tough. Some people make it easier by choosing “11111111”, or even “password”. And office workers around the land are likely to have used the same password with an ever-increasing number at the end of it when the password change reminder comes up.

I have a lot of sympathy for people who go for easier options. If you’re dyslexic, or just don’t have a head for figures or remembering things, then you’ll struggle with the kind of passwords that security companies recommend.

But creating memorable passwords doesn’t have to be hard. Here are a few tips:

◆ Longer is better. It doesn’t have to be complicated, but a longer password is much harder to crack. Stick a few of your favourite words together and use capital letters.

◆ Sing it. If you’ve got a favourite song then take the first letter of each word in the chorus. The sequence of letters will appear random but you’ll know it. Remember not to sing it out loud when in public.

◆ Mix it up. It makes sense to use different passwords for different things – but you don’t want to end up with tons of the things. So why not use different passwords for three separate things: money matters (the most complex password), shopping and leisure?

◆ Use special characters. But make them random – “@” instead of “a” is easy for hackers to crack. So think of a number that you’ll remember and use the character on that key on your computer. Make sure it’s not a birthday or guessable number though.

◆ Don’t trust your browser to remember your password. Autofilling is a great tool, but browsers are vulnerable to hackers. Even though it’s a bit of a hassle, fill in the details yourself and delete your cookies when you can.

◆ Be random. Think of something that makes you smile, such as a celebrity doing something unusual: “Cher on a pear”, say. The image will be your memory jogger.

And one last thing.

You know those quizzes you see on social media? The ones that tell you what Disney character you are or things that guess your age from a picture? Many of them allow the makers to mine information about you. For example, your mother’s maiden name crops up repeatedly on these quizzes – and it’s a key bank identification question too. So ditch the quizzes. Stick with LOLcats, it’s safer.