Cybercrime continues to increase, with criminals often targeting people’s online accounts, particularly email. Devon & Cornwall Police are reminding residents that many cyber attacks can be prevented by following some straightforward password advice.
Mick Harrison, Cyber Protect Officer for Devon & Cornwall Police, has shared six key rules to help people keep their online accounts secure.
The six golden rules for passwords
Use three random words
Long passwords are stronger than short ones. Using three random words together creates a secure and memorable passphrase. For example, a password made up of unrelated words such as FridgeCloudsTiger is much harder to crack than a short password with numbers and symbols. When it comes to passwords, longer is stronger.
Use a different password for every account
Using the same password across multiple accounts is one of the most common mistakes. If one account is breached, criminals will often try the same password on email, banking and social media accounts.
Consider using a password manager
Password managers store your passwords securely so you do not have to remember them all. They act like a digital vault. It is also acceptable to write passwords down if they are kept somewhere safe, out of sight and away from your device. Some banking and financial services do not allow passwords to be written down, so always check their guidance.
Turn on two-step verification (2SV)
Also known as two-factor or multi-factor authentication, this adds an extra layer of protection. It usually involves a code or notification sent to your phone after you enter your password. Email accounts should have this enabled as a priority. Most banks set this up automatically, but if yours does not, contact your bank to arrange it.
Choose length over complexity
Aim for passwords that are at least 12 characters long. Avoid using personal information such as family or pet names, birthdays, addresses, car details or your hometown, as this information can often be found online.
Do not change passwords unnecessarily
Once you have a long, strong password, you only need to change it if it has been stolen or if a service notifies you of a security breach. Changing passwords too often can lead to weaker and easier-to-guess choices.
Checking if your details have been compromised
You can check whether your email address has been involved in a data breach by visiting HaveIBeenPwned.com. If your details appear, change the password for that specific service straight away.
Further advice on staying safe online is available from the National Cyber Security Centre www.ncsc.gov.uk.
Reporting cybercrime
If you believe one of your accounts has been hacked, report it immediately at reportfraud.police.uk or by calling 0300 123 2040.
If financial information is involved, contact your bank straight away. Many UK banks can be reached by calling 159.
Taking a few simple steps can make a big difference in keeping your personal information safe online.
