Online Password Security
PokerStars employs some of the toughest and most secure systems to protect the integrity of your account.
However, your account is only as secure as its weakest link, which for many people is their password. This information doesn't just apply to your PokerStars account, but also other online, password protected services that you might use.
Password protection is your responsibility and leads to secure online management. We can't emphasize this enough. Treat your PokerStars account like a bank account - it's your money, and we want to help you protect your funds.
There are three main ways that your password can be compromised:
- Someone can obtain your password if you tell them.
The best way to stop this is to never reveal your PokerStars password to anyone. Don't tell friends, don't tell family, and don't let anyone else use your account.
- Someone can guess your password if you use a word or phrase that can easily be guessed.
Don't use a simple password like 'password' or 'qwerty' or your User ID or your name. If you've done something famous - like win a particular poker tournament - don't use that as your password.
- Someone can 'phish' for your password by creating a fake website, or by installing nasty software on your PC.
The only place you should ever type your password is when logging on to the PokerStars client. PokerStars will never ask you to send your password to us, and you should never send it to us or to anyone else. There are no legitimate websites (accessed via your web browser) that require your PokerStars password.
You should also ensure that your computer's operating system is up to date, and you use high quality internet security software, including virus scanners, firewalls and so on.
How to practice good password security
Here are some good guidelines for staying out of password trouble:
- Don't write your password down where somebody can find it.
- Do change your password often.
- Don't leave your account logged on if others can access your computer.
- Don't use the 'Remember Password' option in the login screen if others can access your computer. This is particular important in offices and college dorms.
- Don't fall prey to scams and hustles where others want to access your account. If an offer sounds too good to be true, it probably is.
Tips for a strong password
Defending against a malicious hacker, the best passwords are those that a hacker cannot figure out. Here are some good guidelines to help you create strong passwords:
- Don't make your password something obvious that will be easy to guess. Don't use your name, your birth date, or any other simple phrase.
- Make it lengthy. The longer the password, the more secure it is. Password strength increases exponentially the longer the password is. Your passwords should be 8 or more characters in length, 14 characters or longer is much better.
- PokerStars allows you to create a password of up to twenty characters - long enough for a phrase made of many words (a 'pass phrase'). A pass phrase is often easier to remember than a simple password, as well as longer and harder to guess.
- Combine letters, numbers, and symbols. The greater variety of characters that you have in your password, the harder it is to guess. A 15-character password composed only of random letters and numbers is about 33,000 times stronger than an 8-character password composed of characters from the entire keyboard. If you cannot create a password that contains symbols, you need to make it considerably longer to get the same degree of protection. An ideal password combines both length and different types of symbols.
- Use the entire keyboard, not just the most common characters. Symbols typed by holding down the 'Shift' key and typing a number are very common in passwords. Your password will be much stronger if you choose from all the symbols on the keyboard, including punctuation marks not on the upper row of the keyboard.
- Use words and phrases that are easy for you to remember, but difficult for others to guess. The easiest way to remember your passwords and pass phrases is to write them down. Contrary to popular belief, there is nothing wrong with writing passwords down, but they need to be adequately protected in order to remain secure and effective.
- In general, passwords written on a piece of paper are more difficult to compromise across the Internet than a password manager, Web site, or other software-based storage tool, such as password managers.
Create a strong, memorable password in 6 steps
Sit down and allocate a couple of minutes to create a strong password. You're going to be using this password every time you access PokerStars, so it's worth your while to get it right.
Use these steps to develop a strong password (courtesy of Microsoft):
- Think of a sentence that you can remember. This will be the basis of your strong password or pass phrase. Use a memorable sentence, such as "My son Aiden is three years old."
- If the phrase is 20 or less characters, you can use the pass phrase (with spaces between characters).
- If it is too long, convert it to a password. Take the first letter of each word of the sentence that you've created to create a new, nonsensical word. Using the example above, you'd get: "msaityo".
- Add complexity by mixing uppercase and lowercase letters and numbers. It is valuable to use some letter swapping or misspellings as well. For instance, in the pass phrase above, consider misspelling Aiden's name, or substituting the word "three" for the number 3. There are many possible substitutions, and the longer the sentence, the more complex your password can be. Your pass phrase might become "My SoN Ayd3N is 3 yeeRs old." If you want to use a shorter password, this might yield a password like "MsAy3yo".
- Finally, substitute some special characters. You can use symbols that look like letters, combine words (remove spaces) and other ways to make the password more complex. Using these tricks, we create a pass phrase of "MySoN 8N i$ 3 yeeR$ old" or a password (using the first letter of each word) "M$8ni3y0".
- Test your new password with PokerStars's Password Checker. Password Checker is a new feature in our software that helps determine your password's strength as you type.
Password strategies to avoid
It is important to avoid passwords that hackers can guess. Some tips to avoid easy-to-guess passwords:
- Don't repeat the same letter or number over and over, and avoid common sequences. Examples like '12345678', '222222', 'abcdefg', or adjacent letters on your keyboard do not help make secure passwords.
- Don't only use look-alike substitutions of numbers or symbols. People who are trying to steal your password are smart enough to not be fooled by common look-alike replacements, such as to replace an 'i' with a '1' or an 'a' with '@' as in 'P0k3rst@r5' or 'P@ssw0rd'. On the other hand, they can be helpful in conjunction with other efforts, such as long passwords or deliberately misspelling a word to improve your password strength.
- Don't use your User ID, or parts of your name, birthday, and so on. If you have a social network page or profile (like on Facebook, or MySpace) don't use any information from there in your password.
- Don't use any words that are in a dictionary in any language. One common technique used by criminals is to guess passwords based on words in dictionaries.
- Don't use the same password on PokerStars as elsewhere. If you have the same password on PokerStars and a poker discussion forum, for example, and the forum's systems are hacked, your PokerStars account will be an obvious target too.