Stay Safe Online: Creating a Secure Password

Passwords can be the first barrier online criminals face when trying to steal and use your personal details - understanding what makes a password strong can help you keep your information safe.

As online security has become more complex, a good password should balance being complicated enough that no one can guess it but easy for you to remember – see below a few ways you can create a secure online password.

Choosing a Password

Keeping these points in mind can help you create a strong password:

  • A longer password will reduce the chances of someone guessing it or an attacker from cracking it. Websites can have different minimum length requirements for a password but aiming for between 8 and 32 characters is a good starting point
  • Hackers may try to guess your password using clues from your identity. Avoiding passwords with your real name, username, or any phrases related to you - like your address, birthday, school names, or company - will help make your password more secure
  • Choosing different passwords for each website where you have entered details can prevent someone from using one password to access multiple accounts
  • Substituting numbers or symbols for letters, such as changing ‘turtledove’ to ‘turt13d0v3’, is a method well-known to hackers, and it may not be enough to prevent them from guessing your password - try some of the following best practices:
    • Use a mix of upper and lower case letters, numbers, and symbols in an unpredictable order, e.g. Jan3#564@TRa1n
    • Avoid company names or mimicking the username
    • Avoid using more than two repeating characters, e.g. Jannnuary Yeeeear

Keeping It Protected

There are a few ways you can try to keep your password secure:

  • Never share a password, even with family members or close friends. Your bank should never call or email you asking for your password or PIN. If you receive a call or message asking for your password or PIN from someone claiming to be your bank or credit company, don’t give them any personal information or passwords, and contact your bank immediately. Remember the P in PIN stands for Personal.
  • Avoid keeping your password written down.
  • Using multi-factor authentication can add another level of security to your accounts as it asks for further verification of your identity before allowing access. The extra verification may include:
    • A piece of information only you know, such as a password or secret question and answer
    • A trusted device only you can access like a mobile phone, where you’ll be told how to sign in
    • Something that can’t be faked, such as a fingerprint or retina scan
  • Downloading and installing anti-virus and online security software can help protect your computer from outside attacks, such as malware and viruses that could try to steal information off your computer
  • Storing passwords on your web browser may be risky as they can be visible to hackers looking to steal your personal information
  • When creating your password reset questions and answers, keep in mind how easy it might be to guess the answer – is the information readily available or easy to research? If so, it may be safer to choose a more difficult question.

Password Managers

Password managers can help keep your passwords safe and secure without the need to remember different combinations of letters, numbers, and symbols. You can enter the passwords you use for different sites into the software, which remembers the passwords for when you sign in – you’ll normally only have to remember the master password for the password manager.

Different password managers work in different ways and can offer a variety of services:

  • Some act as plugins or extensions for your browser. They can save entered passwords and re-enter them when you visit the site again
  • They can also save and enter other information on the websites, such as your name, address, or phone number
  • Many password managers can detect when you change a password, and may either ask if they should update their database, or do it automatically
  • Password managers can also come with a built-in password generator. This creates and stores a secure password, therefore you won’t have to remember a complicated series of numbers and letters
  • Some may be able to synchronise with accounts on other devices, such as your PC or Mac, phone, or tablet, and manage application passwords, as well as web pages

Like any digital software, password managers can also be a target for fraudsters, therefore it’s important to look for well-known applications with established reputations – services that you pay for can be more secure than free applications.

1Password and F-Secure are two popular products, but it’s important to research any product before downloading. It is essential that the master password for the manager is a very secure one.

Safe & Secure

Choosing a safe password has become a fixture in modern security, and as security becomes more complex so do the methods criminals use to get past it. This makes it important to know what makes a password secure, as well as ensuring you have a strong password to help reduce the risk of falling victim to identity fraud and other cybercrimes.

Related Articles