Call us for a quotation:
0845 519 4727
Despite campaigns recently to increase awareness about the need for secure passwords in the UK, many web users leave use themselves open to hackers by choosing easy to guess and insecure passwords. A survey by Visa Europe found that “over three-quarters choose passwords relating to friends, family and memorable dates” whilst following a recent phishing attack on the website MySpace it was found that “the five most common passwords are: password1, abc123, myspace1, password and blink182 (a band).”
The lack of proper password security is one of the factors contributing to the ongoing problem of online fraud in the UK. The UK Cybercrime report identified the following worrying statistics:
So how can you help keep your identity online more secure? These 5 points provided a guide to the do’s and don’ts for using passwords online
Using the same password for many, or worse all websites, is like putting all of your eggs in one basket; should one website be compromised, all other accounts are open too. Quite often, if one password becomes available to a hacker, they will try this password on many other major websites – eBay, PayPal, your online banking etc. A hacker will use automated tools to do this, so can try many websites very quickly.
Using a password management tool allows you to store and access many passwords very easily.
A password that includes a dictionary word or a name can be broken very easily. Password lists are circulated around the internet and are freely available; these not only include names and whole dictionaries, but also common passwords revealed when websites are broken into (such as the MySpace example mentioned earlier in this article).
Using automated tools, short passwords are easily broken too. The website “lockdown” publishes the following examples*:
*Passwords use alphabetical characters, in a single case. Automated software runs on a modern desktop machine.
It is important that your password is as unique as possible. Strong, memorable passwords can be created in many ways; one example is to use a mnemonic. “Richard of York gave battle in vain” could be used to remember the password “RoYgbiv”. To make it more secure you should add numbers and upper/lowercase characters too, maybe replacing letters with numbers, e.g. swapping “g” for “9” or an “i” for “1”. You could make the phrase personal to help remember; “I love my fat cat Tibbles, she loves her food too” – “1lmfcTslhf2″.
Modern browsers include password storing features for your convenience. Making use of these features is a bad idea for a number of reasons:
A password management tool provides many helpful functions to help your security online; storing log in details for different websites, automating the log-in process, creating secure passwords and more. These details are stored in one very secure encrypted file, meaning you will only need to remember one password from now on. Make it a good password however; long, with both letters and numbers (see point 2) and always make a backup of the encrypted file and keep it safe.
KeePass is a free, open source, light-weight and easy-to-use password manager. There are versions for Windows, Linux, Mac OS X, and mobile devices. For a portable solution you can take anywhere, you can even run it on a USB stick!
Password management tools are also built into some security packages, like Norton 360 from Symantec, and often into laptops too.
A good security policy is to change passwords regularly; in fact in high-security applications (such as the Government) passwords are only allowed to be used once before a new one is issued. Although this is a little excessive for most businesses, changing your password maybe every few months might be a good idea. Using a password management package also means that you’ll never have to rely on remembering these either.
If any of your passwords fail on the points above, change them now.
If you forget your password for accessing your email, website statistics or online shop, you will need to contact us by email or phone.
For security reasons we can only issue new passwords (rather than tell you what they were), and will require proof of ID, which we will discuss at the time.
BF Internet, 7 Shoreline Business Park, Sandside, Milnthorpe, Cumbria, LA7 7BF, UK
Tel: 0845 519 4727 - Fax: 015395 64580 - Email:
1996 - 2014 Big Fish Internet Ltd t/a BF Internet