Don't use same passwords, change frequently to prevent hacking

KUALA LUMPUR - Individuals who prefer using only one password for all their accounts, such as e-banking and other applications using their personal data, have a high risk of being hacked.

Malaysian Cyber Consumer Association (MCCA) chairman Datuk Ahmad Noordin Ismail said such practice could indirectly allow cybercriminals to hack into their accounts easily, although having one password for all transactions could make it easier to remember.

"Any system using a username and password must be changed every three months and the changes should have a combination of at least 10 letters and digits.

"This change will further strengthen the system. However, if it isn't changed regularly, it could lead to hackers being able to crack the password and gain personal information such as identification card number, address information and such," he said at the 2023 National Anti-Scam Navigation Dialogue session on Saturday.

Noordin (second from the left) during the 2023 National Anti-Scam Navigation Dialogue session.

Noordin said the use of personal information such as names, home addresses or phone numbers as passwords is often a habit consumers have. "This makes it easier for hackers to hack into accounts, especially involving bank accounts.

"Not all the alphabets in the passwords must be changed, even adding a number or alphabet is enough. This minor change could strengthen an existing password.

"For example, changing a lowercase letter to an uppercase letter. The importance here is the change, as research shows all passwords can easily be hacked, but the process of hacking will take more time if it is constantly changing (because) they require more time to hack it again.

"Therefore, I hope everyone will be more vigilant towards using passwords for their personal accounts. Personal information should not be shared arbitrarily and passwords must be changed often," he said.