1. Create a password that is at least eight characters and includes numbers and characters like ! or # Avoid a dictionary word or name.
2. Avoid using the same password for financial sites that you use for everyday activity like email.
3. Always make sure you are at the site you want by looking for "https://www..." in the address bar. Note the "s," that means you have a secure connection to that site. (See, How do I make sure a Web site is safe when I shop online?)
4. Make sure you are really at the site you want. Click on the yellow padlock and read the security document. Look at two things-who owns the site and who issued the certificate. Make sure you recognize BOTH names. (See, If I have a secure connection to a Web site, does that mean I can trust the Web site?)
5. Don't click on a link in an email; type in the URL instead. Clicking a link in a fraudulent email can take you to a phishing site that will look so real it will fool you into entering your login information.
The safest way to protect your digital identity on the Internet is with some sort of personal digital security smart card or token to prove it is really you.
Security experts call this "two-factor" authentication and it is much more secure because you need the smart card or token and your PIN or password to use your online identity.
Some leading online service providers are offering a security device option; look for the "security" section in their customer support area. In the U.S. today you are more likely to use "two-factor" authentication at work.