Netizens urged to change passwords for New Year

MANILA, Philippines - New Year, new password. 

The National Privacy Commission yesterday urged Filipino netizens to include in their New Year’s resolutions the habit of regularly changing passwords.

Warning against identity theft and other forms of cyber crimes, privacy commissioner Raymund Liboro reminded Filipino internet users to secure their email and social media accounts. 

“Regularly changing your passwords for online accounts such as email and social media is one of the most basic and easiest ways of protecting your data privacy,” said Liboro. 

He also urged Filipinos using services of technology giant Yahoo to immediately change their passwords, citing recent confirmation of a massive data breach involving more than one billion users. 

“We suggest that you not wait until the end of the year to change your account credentials, but instead change them as soon as possible,” said the privacy commissioner. 

“Email is usually the means social media services such as Facebook confirm your identity. If your email is compromised, there is a chance that your social media accounts are compromised as well, and criminals could use confidential information there to commit cyber crimes directed at you or the contact list in your email and social media accounts,” he warned. 

Earlier this month, Yahoo confirmed a data breach on its system that compromised sensitive personal data such as email addresses, birth dates and telephone numbers. It was the second breach reported by Yahoo. 

The privacy commission said such information may be used in identity theft and phishing scams. 

Liboro also urged netizens not to use familiar words or phrases as passwords to minimize the possibility of access from unauthorized individuals. 

He also warned internet users against using a single password across multiple accounts, noting that a single hack would compromise the rest of the online accounts of the victim. 

The commission recommended the use of passphrases instead of passwords, as well as the use of initials of a memorable phrase combined with a mix of upper and lower cases, numbers and symbols. 

“Other than password changes, we are also recommending that internet users utilize two-factor authentication for confirming their identity. Two-factor authentication is when internet services send a text message or a code to your mobile phone to confirm who you are instead of just sending an email,” said the data commission. 

Email providers sometimes use this feature when someone accesses their account from an unfamiliar IP address or device, the commission also said.