How To Create A Secure Password

Millions of us share photos, pay bills, shop and socialise online via our smartphones, tablets and laptops. With all our private information whizzing about, criminals can easily access personal details to commit identity fraud and steal from us.

And with the news today that thousands of online National Lottery users may have had their accounts hacked and login details stolen, it’s more important than ever to ensure your security online. Here are our expert tips on staying cyber secure…

Why do I need a secure password?

The biggest online security
 risk is inadequate passwords. Fingerprint, voice-recognition 
and eye-tracking technology (biometrics) is becoming more
 common and these are fantastic
 if you have them for your phone
 or tablet. For everything else,
 strong passwords are your best weapon. Hackers skim through your social media accounts to guess them from personal information.

How can I make mine hackproof?


– The longer your password, the better. Hackers give up if it’s lengthy and complex. Use a mixture of numbers, lowercase and uppercase letters and special characters (punctuation). Don’t use real words. Create acronyms from well-known sayings or song lyrics, mixed with characters and numbers. For example, ca1iyflarwar! (“clap along 
if you feel like a room without a roof” – from Pharrell Williams’ Happy).
 Alternatively, create an acronym from a sentence that is personal to you, suchas ImJi99aDc! (I married John in ’99 at Durham cathedral).

– Use a different password for each account. Password managers like 1Password, LastPass or KeePass can store all your passwords in a secure place, ready for any login you need. Password managers are recommended by cyber security experts because they encrypt and decrypt passwords locally on your computer. You just need to remember your master password – make sure it’s long, complex, and known only to you. There are never guarantees and any online system has the potential to be breached, but this is as safe as it gets right now.

– Maximise your privacy settings. Your data, even pets’ names, are valuable to hackers. On social media, use the highest level privacy settings. For example, on Facebook, click the arrow in the top-right corner, select Settings, select Privacy on the left and click a setting to edit it (eg. Who can see your future posts?). Criminals comb social sites for every scrap of personal information to
 sell. Beware who
 you “friend” and 
remove your 
address, phone
 number and
 date of birth 
from your
 profile.

Should I get antivirus/antispyware software?
McAfee, Norton, Symantec and AVG offer packages to cover all your devices. These cost from around £30-£90 for a year and protect against viruses and other malware. It’s worth investing in one that offers identity, privacy and data protection too. You should also:


-Back up all your files on a separate hard drive at least once a week and switch off your computer when
 you’re not using it, and, if you receive a dodgy looking email, delete it or drag it to your junk folder and open it there – you won’t risk infecting the rest of your computer.

What can I do if I’ve been hacked?

– Log in to your email or whichever site is affected and change your password.
 If you can’t log in, contact 
the website’s technical support department for advice.


– Tell your bank, building society and/or credit card company.
 They may want to freeze your accounts and send new cards, PINs and passwords. Most will refund any money lost providing you weren’t negligent.
 Change your password on all other websites, such as Amazon, the App Store and eBay.


– If the website access requires a secret question, change it, if you can, to avoid repeat incidents. If you can’t, contact the website’s technical support for advice.


– Tell Royal Mail if you suspect mail theft or a mail redirection 
has been fraudulently set up
on your address.


– Report it to action Fraud, the UK’s fraud reporting centre: 0300 123 2040; actionfraud.police.uk

– Get a credit check done to assess whether you’re a victim 
of fraud, and keep a close check for the next year or so.

How can I protect my phone from theft or loss?

Register your phone at immobilise.com. This means it’s stored on a database that is then used to alert the second-hand trade if you report it stolen. Registration speeds up insurance claims and police reports because it helps prove your ownership of the handset.

Get a “wipe your phone” app. Find My iPhone, Android Lost and BlackBerry Protect allow you to remotely lock and erase all your personal data (from a tablet or laptop), should your device 
be lost or stolen.

Stop photos being a security risk. GPS technology on your phone means the time and place of any photo you take is recorded and uploaded online with the photo. This means that criminals can have access to where you live, work or go on holiday, simply by browsing your social media accounts.

Switch geotagging off on your phone. On iPhone: Tap “Settings”,
then “General” and then “Location Services”. Switch off any apps
that use GPS data.
 On BlackBerry: Go to the camera icon. Press the “Menu” button, select “Options” and set the geotagging option to “Disabled”. Click “Save”. On Android: Start the camera app. Open the menu to the left and go to settings. Turn off geotagging.

What can I do if my phone has been stolen?

– Activate the wipe-your-phone feature.


– Tell your network provider so they can block it.

– Get them to give you the phone’s identification number (IMEI), then call the police and report the phone missing.
 Make a note of the crime reference number
- you’ll need it to make an insurance claim.
 If you have a tablet with corresponding apps on your smartphone, change as many passwords as you can. If you use a banking app, tell your bank your phone has been stolen.

Anything else I should be aware of?
– Hackers use apps to download spyware onto devices. Check the permissions on the apps before installing so they don’t store unnecessary personal information. A game app should not have access to your contacts list or your network info.

– Check URL’s and shop securely. An easy way for hackers to harvest usernames and passwords 
is to create fake web pages designed to look like ones you use, such as your bank or Facebook. When you click on a link, check the URL is the one you’d expect. Open sites using https:// at the start of the address, which encrypts data. If a green padlock appears, the site is secure.

– Rats (Remote access trojans) 
are usually downloaded 
invisibly with a programme 
requested by you – for example
 a game – or sent to you as an email
 attachment. They are used to take control
 of your computer. They are used to monitor online activity and emails, or take control of webcams to record videos of you to be used

for blackmail. Use effective anti-spy software and have a firewall
running.