How to protect your online passwords

There are several ways to help prevent cyber-criminals from accessing your online accounts, says Ruth Jackson-Kirby.

Easyjet website © Daniel Berehulak/Getty Images
Easyjet lost nine million customers' details © Getty
(Image credit: Easyjet website © Daniel Berehulak/Getty Images)

Nine million EasyJet customers have had their emails and travel details hacked in a cyber-attack. The airline says all affected customers should change their password for the site. But even if you aren’t an EasyJet customer, it is worth thinking about making your passwords safer.

Cyber-criminals seem to have little trouble working them out. On average we all have seven passwords for sale on the dark web, according to ClearScore, a financial technology group. The dark web is the part of the internet that is invisible to search engines, and criminals use it to exchange goods and data. A new free service, ClearScore Protect, will scan the dark web to see if any passwords associated with your email address are for sale. Taking the time to scan your own email address can be eye opening. I thought I was pretty secure but found that four of my passwords were available on the dark web.

If you find your password is for sale on the dark web you need to check all accounts associated with that password. Look for any suspicious activity and change your password. Britain’s National Cyber Security Centre recommends that you “use a sequence of three random but memorable words for passwords”, says Kenza Bryan in The Times. “These could be the three first cities you visited or the names of your three best friends.” Use special characters and numbers to make it more complex. Make sure the password for your email account is particularly secure. “Websites usually send links to your email if you tell them that you have forgotten your password… If your email account is breached, all your other passwords can be reset.”

Subscribe to MoneyWeek

Subscribe to MoneyWeek today and get your first six magazine issues absolutely FREE

Get 6 issues free

Sign up to Money Morning

Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter

Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter

Sign up

You can use a password manager to keep track of all your passwords. Services such as 1Password or LastPass let you choose one password to access an account with them. They then encrypt and store all your other passwords, so you needn’t remember them all.

Opting for two-step authentication where possible will make your accounts a lot more secure. This means as well as entering a password you’ll need to tap in a code that is sent to you via text, email or a phone call when you log in.

Also make sure you keep the software on your phone, tablet and computers up to date. Developers “scan the dark web for potential ways their products can be hacked. They release updated versions to protect against outside interference, so always download these to make sure you are fully protected,” says Bryan. Finally, avoid storing your card details on any shopping accounts. Then if your account is hacked the criminals can’t make purchases with your cards.

Ruth Jackson-Kirby

Ruth Jackson-Kirby is a freelance personal finance journalist with 17 years’ experience, writing about everything from savings and credit cards to pensions, property and pet insurance. 

Ruth started her career at MoneyWeek after graduating with an MA from the University of St Andrews, and she continues to contribute regular articles to our personal finance section. After leaving MoneyWeek she went on to become deputy editor of Moneywise before becoming a freelance journalist.

Ruth writes regularly for national publications including The Sunday Times, The Times, The Mail on Sunday and Good Housekeeping among many other titles both online and offline.