Step three
Generate new passwords for all your online accounts
We appreciate that this might seem daunting, but it is important.
Our advice is to set aside a period when there will be no interruptions. Then you can work through your website registrations systematically, ensuring that you don’t miss any. If you don’t have time now then we suggest you bookmark this page to return to, perhaps setting a reminder on your phone as a prompt.
The golden rule is to use a unique password for each site. It might seem attractive to re-use passwords in order to make things very easy to remember. But the fact that many people do re-use passwords is what cyber-criminals rely upon.
Fortunately, as with your email password, there is a method for creating extremely secure passwords for each site that is nevertheless straightforward to follow.
A system to create, unique – yet memorable – passwords
First, start by thinking of a new sentence.
DO NOT use the same sentence as you used in the previous step for your personal email account. But follow the same rules to create a unique personal ‘core’ password using the sentence’s upper- and lower-case letters, reversed numbers and symbols. (You can use a shorter sentence and we’ll show you at the end how you can double it):
SO IF YOUR SENTENCE IS:
Was I born in 1989?
YOUR CORE PASSWORD WILL BE:
WIbi9891?
Secondly, choose two positions in your password:
EXAMPLE:
3rd position and 8th position
PASSWORD:
WI_bi98_91?
Now, choose two letters that YOU associate with the site that you want to protect.
They should be the two letters that jump out at you (everybody sees things slightly differently!). Remember, there is no wrong or right choice here - just pick what works best for you. Here are a few examples and variations:
FACEBOOK:
FB (FaceBook), or AB (fAceBook), or FK (FacebooK)
INSTAGRAM:
IG (InstaGram), or NG (iNstaGram), or IM (InstagraM)
HOTMAIL:
HM (HotMail), or OM (hOtMail), or HL (HotmaiL)
Now, for each site, reverse those letters and make them lower case then place these letters in the two positions that you have chosen in your password.
e.g FB = bf, IG = gi, HM = mh, etc.
FACEBOOK:
WIbbi98f91?
INSTAGRAM:
WIgbi98i91?
HOTMAIL:
WImbi98h91?
And to make this even more secure, you can then double the password:
FACEBOOK:
WIbbi98f91?WIbbi98f91?
INSTAGRAM:
WIgbi98i91?WIgbi98i91?
HOTMAIL:
WImbi98h91?WImbi98h91?
So you now have unique, highly secure passwords for every site you use – whilst having to remember only one simple sentence, plus the two letters that ‘jump out’ at you from the title of each website.
You won’t be re-using passwords, nor using words or phrases that are easy to crack. Again, we’d stress that you should start with a different core sentence than you use for your email account.
Additionally it is recommended to use a Password Vault as this will remember the password for you and auto-fill it when you attempt to login to the site.
And, if any of your sites offer you Two Factor Authentication (2FA) or Multifactor Authentication (MFA) then it is best to activate it.