Password security is the main thing you can do to prevent identity theft, yet many do not take it seriously. Yeah I know its a pain to remember many different passwords, as there are probably 20 different passwords or more that people have today spanning across bank accounts, brokerage accounts, messageboards and blogs, emails, ISP services, work, and many other online sites. If your password is comprised or guessed, as many of them are, then all of your private information and website access become available to more then just you. Most people are lazy with passwords simply because its too tough to remember all of them, or they use the same password for all websites which is even more dangerous and risky. These tips below will not only make it easy for you to remember your passwords, but will also make you much more secure within minutes by simply following these password tips and rules.

Rule #1 - Is your password any of the following? The name of your pet, the name of your girlfriend, the name of your child, your favorite sports team, favorite celebrity, or the name of one of your parents? If so then you are like the majority, and have created a password that is extremely easy for you to remember, but also very easy for anyone to guess it, especially anyone that knows you. Don't think it doesn't happen, it does. People guess passwords all the time and access their information without them even knowing it. I know a girl who found out months later that their daughter had been reading her emails and IM logs for months. Can you guess what the password was? It was her daughters name, and she simply guessed it and read through her accounts daily without her mom knowing. Not exactly rocket science to break, but the majority of you are using far too simple passwords. Don't be surprised if someone has already been into your account and snooping around. If your passwords are similiar to this, change it NOW. A simple password change would have made it nearly impossible to guess, see the next rule for a simple tip on what to do.

Rule #2 - Your password should always contain numbers. ALWAYS! .... even if it's just 1 number. This will immediately make it nearly impossible for anyone to guess, yet simple for you to remember it. It's fine if you want to use a girls name, but add some numbers in it to make it secure. For example, if you use the name "maryjane" as your password, embed your birth year around it as in "19maryjane80" if you were born in 1980, or make it "mary1980jane". Still simple for you to remember and almost impossible for someone to simply guess it. There are also hacker tools which run through the entire dictionary trying different words, and anyone can download them on the internet. By embedding numbers in your password, or at the beginning or end or your password, you have now created a very secure entry that even your closest friends could never guess. In the rule #1 above, even if her mom had used a simple 3 digit number at the end of her daughters name, like 555 appended to end of her daughters name, as simple as that sounds her daughter would have never guessed it no matter how many times she tried. It sounds so simple but yet the security is 100 times better. You could use any series of numbers at the beginning or end. The more the better, but just adding a few numbers to all your passwords could change everything, and instantly improve your security. A good rule of thumb is that your password should never be able to be found in a dictionary. Also make sure it is at least 8 total characters.

Rule #3 - Never write it down on paper, or save it on your pc in a document! If you really must write it down to remember it, carry the paper in your pocket for as long as it takes but don't leave it anywhere, then tear it up good once you remember it. If you combine numbers and names as shown above, it should be easy for you to remember. You would be surprised how many people look through documents, look under keyboards, in drawers, or behind monitors to see if a password is written there. Don't take this chance.
Even if you store your passwords in a software password manager program, just leave the numbers out when you store the passwords, as that part is easy for you to remember anyways. For example, just enter maryjane in your password managing software, even if maryjane444 is the actual password, since you will easily remember that 444 is always the end of all your passwords. Even if your computer is stolen or compromised in some way, you would feel comfortable knowing your passwords aren't stolen. They would never figure out why the password they found named maryjane doesn't work, and you would always know that the real password ends with 444. It's another simple rule that would protect you even if someone compromised your stored passwords.

Rule #4 - Never enter your passwords into a website that arrived via email, as people can easily fool you by thinking the email is from the bank. This is how most identity theft occurs when they send out and spam millions of people to make it look like your bank is emailing you. If you get an email from your bank, you can always open a browser and go there by typing in your website URL rather then clicking a link that arrived in the email which may take you to a fake page. Just something to be aware of, as many have fallen for this type of scam. Remember also that banks or any online company will never ask you for your password or personal information via email or by telling you to click a link. If in doubt you should simply call your bank. This sounds very simple, but if its so simple then why are so many falling victims this way? If in doubt, then pick up the phone and call, don't click an email link assuming that is really your banks link, even if it looks just like the banks site. Remember the scammers don't know you have an account with a certain bank, they just send out millions of emails hoping for enough "hits", as some will surely have an account with that bank if they send out enough emails!
If you want to see a sample scam email that was sent to me, and the scam website it linked to, etc., check out this scam example. You can see that it looks very real.

Rule #5 - Never use the same passwords for all your online activity! Sure its easy to remember that way, everything is the same. But if that password is ever discovered or stolen or even guessed, then your password is stolen for everything you access. If you use a password manager program to keep track of all your passwords or link to the sites for each, just make sure to follow the rules mentioned in #3 above on storing them. So easy to do, so easy to remember, and yet the security is greatly improved!

Again, its fine to use the same password for your "non important" passwords. These are things like messageboards, blogs, etc., as it really doesn't matter if someone gets those or not, you can simply sign up for a new password and id, and no harm can be done. Any critical passwords (I would consider anything financial related as critical, including banks, brokers, your main email, IM, or ISP password, etc.) should follow the security methods listed above for more protection, and should never be written down anywhere or told to anyone. Again, simple steps will help keep your privacy and security, and will help prevent identity theft.

View other tips and tricks by visiting the main security and privacy homepage.
Have questions? Feel free to post or ask questions here.