- Install a reputable antivirus software program on all computers and keep them current.
- Make your password as long and complex as possible.
- Make it easy to remember, but hard to guess. Use a combination of letters and numbers you know, but would not make sense to others. Combine initials, important numbers and, if you are feeling particularly adventurous, a special character such as @ or # or $ or &. Use a mixture of upper and lower case letters. A good password could be 17dG$wm4.
- Use a different password. Use a different password for each website. Do not use your online banking password for other websites.
- Use trustworthy computers. Shared public computers like those in airport lounges, Internet cafes, public libraries, and hotel lobbies could be connected to keystroke loggers or infected with password-stealing viruses. Do not use them to access online banking or other websites containing confidential information about you.
- Never email your password or respond to an emailed request for your password or other confidential information. We will never ask you to submit confidential information in an email. Email travels the Internet in much the same way as a postcard travels through the U.S. Mail. There is no "envelope" to protect the contents from prying eyes. There is never a reason for anyone but you to know your password. Requests for your passwords via email are most assuredly scams.
- Do not include your login name in your password. Similarly, any part of your login name is a poor choice for a password.
- Avoid predictable sequences of characters, such as "1234" or "abcd," in your password. Automated password crackers often start by guessing predictable sequences such as these.
- Avoid dictionary words or names. Words in any language can be determined by automated password crackers that also contain multi-lingual dictionaries.