The recent Heartbleed security flaw was a stark reminder of the need to manage online password security. The security flaw enabled a hacker to exploit websites by retrieving usernames, email addresses, passwords and other data.
Though most affected websites and web services have since been patched, the breach highlights the need for better password management.
It’s vital to use different passwords for all websites and services. The risk of using a common password is that, once hackers know your email address and password, they may try to access other websites, such as banks and other financial institutions.
Having a unique password for each website provides far greater protection, and dramatically lowers the risk of your personal details being compromised. But how do you do it without having to remember dozens of different passwords?
Simple steps to stay safe
Here are our top tips to protect your data online:
• Pick a complicated password using various symbols.
• Split the password in two: the first part can be common to each website; the second part should be a prefix or suffix that’s specific to each site.
• For example, imagine the common part of your password is P0t4t0E123. The prefix for Facebook is FB or, better, BF (reversed), WT for Twitter, BE for eBay, and so on. So your passwords would be as follows:
– Facebook: BFP0t4t0E123
– Twitter: WTP0t4t0E123
– eBay: EBP0t4t0E123
• Alternatively, use a password manager such as LastPass, RoboForm or KeePass to manage and securely store your passwords. Most of these tools will generate a unique password for each website you use.
• Regularly change your passwords, and never use personal information such as addresses, the names of pets or children, or dates of birth.
• Think of a meaningful sentence or phrase, then combine the first letter of each word to make up your password. You can even use punctuation.
• Above all, never write passwords down.