Jump to main content
NY.gov Portal State Agency Listing
DOS, Consumer Protection logo DOS Home | About Us | Contact Us | Site Index | En Español | FOIL
Andrew M. Cuomo - Governor          
Consumer Topics A-Z Accessibility Disclaimer Privacy Policy
Passwords (April 2009)

Passwords are the first line of defense in protecting personal information on our computers. However, their value is often misunderstood and underestimated. According to studies, passwords are all too easy to steal. Thus, it is important to follow best practices in the creation of passwords to help safeguard your personal data. Here are ten suggestions to help you create stronger passwords.

  1. What information is being collected about you? Can any of this information be used to identify you personally? Is it being used by itself or in combination with other information?
     
  2. For what purpose are they using your information? Is the information used only for the purpose for which you offered it? Is it being used for any other purpose? If so, do you find any of these purposes objectionable?
     
  3. With whom are they sharing your information? Are they employees of the company? Or are they subsidiaries or affiliates of the company? Are they individuals or businesses which are outside the company?
     
  4. Are you given choices? Are you able to grant permission for collecting, using or sharing your information?
     
  5. Is the choice to opt-in or opt-out? In other words, do you have to say “yes” before information can be collected, used or shared? Or is your only choice to say “no” to stop the collection, use or sharing that may have already occurred?
     
  6. Do you have the right to know what information the website has about you? Is there a way for you to access this information so you know what they have?
     
  7. Do you have the right to modify or delete information about you? Is there a mechanism for you to change information that is inaccurate or inappropriate?
     
  8. Is your web surfing behavior being tracked for commercial purposes? Does the site use cookies? Web bugs? Other tracking methods?
     
  9. How is your information being secured? What steps is the company/website taking to prevent identity theft or a data breach?
     
  10. How long is your information being retained by the company? Is it deleted right away? Or kept for a period of time? How long? Does the company explain why it needs to keep your information for this period?

The stronger your passwords, the safer your data will be from intruders, hackers or criminals. The time you spend today in creating solid passwords might indeed save you considerable expense and effort later, if your personal information is compromised.

Last Modified: July 06, 2010