Watch CBS News

Now's the time to change your passwords

Trump tweets on economy
President-elect Trump takes credit for uptick in economic indicators 00:54

It’s the season for ringing out the old and ringing in the new. And one of the easiest new things you can do that’s totally worthwhile is to change the passwords on all your online accounts.

Even though you surely know that your online identity is always at risk of being hacked, you may not be doing enough to protect yourself

Having a good password and changing it often is your first line of defense from cyberthieves. And don’t think a simple four- to six-character password will do -- that’s almost like having no password at all. Hackers use multiple dictionaries of English and foreign words, they employ linguistic patterns and they scour social media accounts to identify your passwords. Security experts say a good hacker can break two-thirds of all passwords in existence today.

Here’s some advice from those experts on what to avoid and what to do when changing and creating passwords.

Your passwords are weak if you…

  • Use common words or numbers or letters in sequential order.
  • Disclose your passwords online or give them to someone.
  • Store your passwords where they can be seen or found by others (i.e. writing them on a Post-it note stuck to your computer).
  • Use the “Remember My Password” option on websites.
  • Use the same password for all or several of the sites you use.
  • Include the personal information you disclose on social media or networking websites.

Security experts say it’s best to create a long and complex password. Here’s why.

If your password is simple, such as the name of your dog “Rover,” hackers can crack that instantly. Same goes even if you use “ROver.”

Add some numbers, reflecting the month you were born, such as “Rover12” and your password still isn’t strong -- it can be cracked in as little as 14 minutes. Stronger passwords result when you use a combination of numbers, letters and symbols. For example, use @Rov3r123, and hackers will need more than 275 days to crack it.

The strongest passwords are at least 10-14 characters long. But who can remember a password that’s long and complicated? Here’s a trick. Use a phrase you’ll remember, like “Rover went to market” to create a password like: “Rov3rWENT2Mark3t”. Experts say it’ll take hackers about 377 billion years to crack that one.

To create strong passwords, you should…

  • Use uppercase and lowercase letters, numbers and symbols.
  • Avoid using words found in the dictionary or that you use frequently on social media sites.
  • Never use your name, Social Security number, date of birth, family names or pet’s names.
  • Make sure you use at least 10 to 14 characters.
  • Create separate passwords for email accounts, financial accounts and retail shopping accounts.
  • Change your passwords three to four times a year.
  • Store them in a safe place or use a secure password management tool.
View CBS News In
CBS News App Open
Chrome Safari Continue
Be the first to know
Get browser notifications for breaking news, live events, and exclusive reporting.