How can I keep my passwords secure and confidential?
5 tips on keeping passwords secure
1. Don't reveal passwords to others
- Keep your passwords hidden from anyone who could pass them on to less trustworthy individuals.
- Be sure to safeguard your answers to password recovery questions (i.e. "What was your mother's maiden name?" etc.).
- Don't reveal these answers to others and don't choose questions with answers that are freely available on the internet.
2. Protect any recorded passwords
- Be careful where you store the passwords that you record or write down
- Don't store passwords on a file in your computer, because criminals are most likely to look there first
- Don't carry passwords around in your wallet or hide them in obvious places, such as under your keyboard
- Don't leave a record/written message of your passwords anywhere that you would not normally leave personal information (esp. in a public place, etc.)
3. Never provide your password via email or in response to an email request
- Any email message that requests your password or requests you to go to a website to verify your password is almost certainly a fraud.
- This includes requests from trusted companies or individuals. Emails can be intercepted in transit, and email messages that request information might not be from the senders they claim to be from.
- Internet "phishing" scams use fraudulent email messages to entice you to reveal your usernames and passwords and steal your identity. Learn more about phishing scams and how to deal with online fraud.
4. Do not type passwords on computers that you do not control
- Computers in public places, such as at internet cafes, computer labs, shared systems, at kiosks, conferences, and airport lounges should be considered unsafe for any personal use other than anonymous Internet browsing.
- Do not use public computers to visit chat rooms, check online email for bank balances, business emails, or any other personal, financially-based accounts that require you to enter a username and password.
- Criminals can purchase keystroke logging devices for very little money and they take only a few moments to install. With these devices, malicious users can gather information typed on a computer from across the Internet—your passwords and pass phrases are worth as much as the information that they protect.
5. Use more than one password
- Use different passwords for different websites and services
- If any of the computers or online systems using a particular password are compromised, all of your other information protected by that same password should be considered compromised as well.
Is this information useful?