Passwords

As you surf the Web, you've undoubtedly noticed that many websites require a user name and password to access services like e-mail, to read premium content and to shop online.

Typically, you get a password by registering with the site, usually by filling out an online form. With most sites registration is free; with others you may have to pay a fee, such as sites with proprietary research and financial information.

Your password is your prime defense against unauthorized access to your personal account. Do you want someone reading your e-mail or reviewing your banking records? Of course not, so it's important to choose passwords carefully and just as critical, to safeguard them.

A website's security system can only confirm that a password is legitimate, not whether you're authorized to use the password. Make it tough for potential snoops by following these guidelines:

1. Don't use passwords that consist of easily obtainable personal information, such as your address, phone number or date of birth. Also avoid using common words found in a dictionary.

2. Devise passwords of at least six characters and consisting of upper and lower case letters, numbers, and symbols, for example: 2le@rN.

3. Use a different password for each service you register with.

4. Ideally, a password should be easy to remember. However, the reality is that having multiple passwords becomes confusing; which password is for which site? If you need to record your passwords, store them in a secure location. A piece of paper in the top drawer of your desk is tempting fate. Even worse is a Post-It note on your monitor!

5. Never disclose your password.

6. For sensitive accounts, such as financial services, change your passwords frequently. We recommend every two months.

Last update: Jan 18, 2010