Alert
Close

Watch the NASCAR race on Sunday at Texas Motor Speedway. Join the Drive to End Hunger!

Highlights

Open

You and Your Town Contest-You could win an AARP RealPad

AARP Auto Buying Program

Contests and
Sweeps

$10,000 Winter Escapes Sweepstakes

Beat the cold and cozy up to a chance of winning $10,000! See official rules.

Driver Safety

Piggy bank on the road - AARP Driver Safety

Take the new AARP Smart Driver Course!

AARP Books

Visit the Money Section

Enjoy titles on retirement, Social Security, and becoming debt-free.

Jobs You Might Like

most popular
articles

Viewed

Scam Alert:

Passwords Are the First Step to Online Security

The difference between secure computing and falling victim to online fraud or identity theft often comes down to a dozen or so keystrokes: your password and your answers to those security questions that websites figure only a real user would know.

In the first of two parts, Scam Alert provides tips on how to choose hard-to-crack passwords that are easy to remember. Next week, we explore the problems with commonly used security questions, and how to create answers to bolster online security.

You’ve heard it before: To protect your online banking, shopping and other accounts, use strong passwords—often described as having at least eight characters and a mixture of upper- and lower-case letters, symbols and numbers. Yet despite that common advice, hackers manage to break into computer accounts every 39 seconds, according to one study, and losses last year from online fraud totaled $265 million, up 33 percent from 2007, according to the FBI.

One reason: Many people continue to make poor password choices, repeating their username (johnsmith) or adding numbers to it (johnsmith123). Other commonly hacked passwords include “123456” or some other numerical sequence, the words “password” or “test,” or others on this list of worst passwords.

But even tweaking a word with symbols or numbers—say, changing “mysecurity” to “my$eCurIty”—may no longer be enough. Nor is repeating a word (mysecuritymysecurity) or even spelling it backward (ytirucesym).

That’s because sophisticated hackers often use “brute force” programs that scan for words found in the dictionary, and even combinations of them. Once a hacker cracks a password, he can change it, locking out the real user.

This may explain those cryptic passwords, such as HD4kr#wp8T49c, that are often assigned when you open a new online account. But while such passwords offer increased security, they can be hard to remember (one reason why they are usually changed to regular and hackable words).

So how can you devise hard-to-crack passwords that are easy to remember?

  • Create a password by using the first letter of a favorite phrase or song lyric. For instance, “When I’m feeling blue, All I have to do, Is take a look at you,” becomes “wIfbaIh2ditAlaU.” In this way, the song “A Groovy Kind of Love” becomes a stronger kind of password.

 

  • Combine parts of unusual and unrelated English words, such as “gastrocumulus” or “cyberplasticity,” or combine English words with those from a foreign language, such as “chienrattlesnake.”

 

  • Use fragments of words mixed in unusual ways: “Carol loves pizza” can become “zaCarolSevolPiz” (with loves spelled backward), or weave two words together, so “Summer Flings” becomes “SFulmimnegrs.”

 

  • It’s unwise to use birthdays or anniversaries as a password, because those dates may be available in online public records. But with a little tweaking, your hackable June 10 wedding date can be stronger when combined with the initials of your maid of honor (Susan Jones) and honeymoon designation (Miami): “SJ0610mia.”

 

Ideally, you should use different strategies to create different passwords on various accounts, and change them every month or so. Check the strength of each password at Microsoft’s password checker.

Sid Kirchheimer is the author of  "Scam-Proof Your Life" (AARP Books/Sterling).

 

Topic Alerts

You can get weekly email alerts on the topics below. Just click “Follow.”

Manage Alerts

Processing

Please wait...

progress bar, please wait

Tell Us WhatYou Think

Please leave your comment below.

The Cheap Life

Jeff Yeager Cheap Life Ultimate Cheapskate AARP YouTube web series save money

Catch the latest episode of The Cheap Life starring Jeff Yeager, AARP's Ultimate Cheapskate. Watch

Discounts & Benefits

From companies that meet the high standards of service and quality set by AARP.

Life insurance: you are covered rain or shine

Exclusive annuities for members from AARP Lifetime Income Program from New York Life.

AARP Credit card from Chase

Members can get cash back rewards on purchases with the AARP® Credit Card from Chase.

Homeowners Insurance
Member Benefits

Join or renew today! AARP members receive exclusive member benefits & affect social change.

Rewards for Good

Your Points Balance:

Learn More

Earn points for completing free online activities designed to enrich your life.

Find more ways to earn points

Redeem your points to save on merchandise, travel, and more.

Find more ways to redeem points