Are your online passwords safe?

Password Today, nearly everyone has passwords for email, banking, social media, and other Web sites. As a doctor, your passwords may protect your email and social media accounts, your practice website, patient information in an EMR/EHR system, and even your money. Passwords are guessed or stolen every day, often by people who do not even know their victims. No password can be completely secure, but there are some steps you can take to lower your risk.

How to choose better passwords

The most important way to protect your online accounts is to use a different password for each site, because if one password is stolen, the thief may try using it on other sites. For example, if your email password was stolen, and you use the same password for a bank account, the thief may gain access to your money.

Key Point: Choose different passwords for each Web site you use, especially for email and bank accounts. Be careful with your passwords, to be sure that you do not mistakenly give them to online scammers.

To choose better passwords:

  • Do not use your login ID as your password – this the easiest password for someone to guess
  • Do not use patterns that appear on your keyboard, such as “123qwe” or “zxcvbn”
  • Check to be sure your passwords are not on the latest “25 worst passwords” list, reported by many news sites (http://news.yahoo.com/25-worst-passwords-2012-145000121.html)
  • Experts recommend using a mixture of letters, numbers, and symbols instead of whole words

Your web browser may also offer to save passwords for you when you log into a site, so that you do not have to remember each one. This can be helpful if you have a computer or mobile device that no one else will use, but it should not be done on shared computers. It is also best not to save bank passwords or email passwords.

Check your online accounts

If you think one of your online accounts may have been accessed by someone else,[s2If !is_user_logged_in()]…

[/s2If][s2If is_user_logged_in()] you should change your password immediately. For email accounts, you should also check your “sent” messages to see if someone impersonated you, and check if there is a vacation message set – this message would be sent to everyone who sends emails to you, and is sometimes used by password thieves to send out links to their own Web sites.

On social media and other types of sites, make sure that there are no unusual messages sent to your followers or connections. You may also want to check your profile to be sure that no one entered links to their own sites.

More safety considerations

Even the best passwords can be stolen on a computer that is infected with spyware. If your antivirus software is expired or if you have none at all, you can install free antivirus software for basic protection. Searching for “free antivirus” on Google or Bing provides a number of options. Some of the software is only free for a short period of time, and some is free indefinitely but may have fewer features.

Scammers can also trick people into giving up their passwords inadvertently. In a recent story from Times of India (http://timesofindia.indiatimes.com/city/mumbai/Dadar-doctor-falls-prey-to-phishing-scam-loses-Rs-1-4L/articleshow/19960746.cms), a doctor lost Rs 1.4 lakh when scammers pretended to represent his bank. Scammers are often very good at copying a recognized Web site, so that when they ask you enter your password, it appears to be legitimate. If you receive a message that seems to be from your bank, it is best to go to their site directly instead of clicking a link in an email – if in doubt, call the bank personally before trying to log in.

There are also sites that ask for your email password so that you can invite your contacts to their service. Though some of these sites have legitimate uses, it is also possible for these sites to access your contacts, read your emails, and send emails on your behalf without your knowledge. If you choose to use sites like this, be aware of these risks.

Take action

If you currently use the same password for email, banks, and other Web sites, first be sure that your computer is safe and has updated antivirus software (consult an expert if necessary), and then choose unique passwords for email and bank accounts.

[/s2If]

Log in or register for free to continue reading
Register Now For Free Already Registered? Log In
This entry was posted in Business of Medicine, Practice Management and tagged , , , , . Volume: .

3 Comments

  1. DR.M.KANTHILAL JAIN
    Posted May 2013 at 5:54 pm | Permalink

    thk u very useful tip

  2. Sanjay Datta
    Posted Aug 2013 at 5:09 am | Permalink

    I have heard that the password remains as preserved on memory of a computor. It is problematic when a person uses password to open a file in a cyber. Is there any tip to delete it from memory

    • mdCurrent-India Staff
      Posted Aug 2013 at 1:29 pm | Permalink

      Dr. Datta,
      You are correct that the passwords may be saved, depending on how the cyber cafe computer is set up. Although you can delete saved passwords in the web browser’s settings (how to do this varies widely depending on which browser they installed), there is no way to be 100% sure that passwords have not been saved by other software that someone installed on the cyber cafe computers, unfortunately.

Post a Comment

You must be logged in to post a comment.