Stop worrying about keeping your online passwords safe, and start worrying about keeping your username a secret.
Actually, worry about both.
According to Shaun Murphy of tech firm PrivateGiant, hackers can piece together information using your usernames and publically available snippets about you floating around in cyperspace, and steal your identify even if your passwords are all Fort Knox secure.
He tells us the five common mistakes to avoid when picking a username. Here’s what NOT to do:
1. Use the same name everywhere
“Just like recycling a password is a bad idea, you should avoid using the same username to log into different online accounts as well,” Murphy says. “Having one common username across accounts just makes it easier for criminals to search for and find details about your life.”
2. Include your actual name, or even part of it
“Business professionals and students often use a variation of their full name as an email address, on social media and other online forums. While people might be able to easily search for and follow or friend you, you are also making it easier for criminals to do the same.”
3. Reveal details about your location
“Whether it is the city you reside in now or where you were born, including a meaningful location in your username is never a good idea. Not only is it one more tool criminals can use to narrow their search for your personal details, it is also a common password security question.”
4. Use your birthday or other “meaningful” digits
“While a string of four to eight numbers might seem random, a criminal will be able to use a birthday or street address to verify if the information they are accumulating is all for the same person.”
5. Make your username the same as your email address
“Linking a username with an email address can simplify a criminal’s search for your personal information. Using trial and error, a criminal can add common email providers to your username, run a search and pull up your social media accounts and any other sites where you have used that email address to create a profile. Some email providers including Gmail, Outlook and Yahoo allow users to alter their email address into an infinite number of disposable addresses. For example, if your email address is JohnSmith@Yahoo.com and you want to sign up for a new deal website, you can alter your email address just for that site by adding an identifier to it such as JohnSmith+FreeRunningStuff@Yahoo.com. This keeps your actual email address private and can help stop criminals from being able to track your online history simply by searching for one of your email addresses.”