Stay safe online

Passwords

Passwords are the first line of defense against cyber criminals. It’s important to pick strong passwords that are different for each of your important accounts and to change them regularly. Here are some ideas to help create strong passwords.

  1. Use a unique password for all your important accounts.

    Use unique passwords for your accounts, especially important accounts like email and online banking. You are likely to have dozens of accounts across the web, and you cannot guarantee the security of all of them. Criminals target sites that lack strong security, in order to harvest usernames and passwords that they test against other popular sites. When you use the same password across the web, a cyber criminal can learn the password from a less secure site and then use that password to compromise your important accounts.

  2. Use a long password

    The longer your password is, the harder it is to guess. There are almost one quintillion possible 10-character passwords (that’s 4,000 times as many possibilities as if your password only has eight characters) … and that’s if you only use numbers and letters.

  3. Use a password with a mix of letters, numbers, and symbols

    Using numbers, symbols and mixed-case letters in your password increases the difficulty of guessing or cracking your password. For example, there are more than 6 quadrillion possible variations for an eight-character password with numbers, symbols, and mixed-case letters – 30,000 times more variations than an eight-character password with only lowercase letters.

  4. Try using a phrase that only you know

    One idea is to think of a phrase that only you know, and that relates to that particular website to help you remember. For your email you could start with “My friend Tom sends me a funny email once a day” and then use numbers and letters to recreate it. “MfTsmafe1ad” is a password with lots of variations. Then repeat this process for other sites.

  5. Make sure your password recovery options are up-to-date and secure

    Make sure your recovery email address is up to date so that you can receive emails in case you need to reset your password. Sometimes you can also add a phone number to receive password reset codes via text message. Additionally, many websites (including Google Accounts) will ask you to choose a question to verify your identity if you ever forget your password. If you’re able to create your own question, try to come up with a question that has an answer only you would know. Try to find a way to make your answer unique – you can do this by using some of the tips above – so that even if someone guesses the answer, they won’t know how to enter it properly.

  6. Keep your password reminders in a secret place that isn’t easily visible

    Don’t leave notes with your passwords in plain sight, on your computer or desk. If you do decide to save your passwords in a file on your computer, create a unique name for the file so people don’t know what’s inside. Avoid giving the file an obvious name, such as “my passwords.” If you have a difficult time remembering multiple passwords, a trusted password manager may be a good solution. Spend a few minutes checking out the reviews and reputations of these services.

  7. Add an extra layer of security to your Google Account

    When you leave your house you feel a bit safer knowing the door’s locked. But imagine how much safer you’d feel if the door was guarded too? The same goes for the information in your Google Accounts. By switching on 2-step verification you’ll have not one, but two security measures to help prevent someone from breaking in.

    Once you’ve created a password for your Google Account, you can add an extra layer of security by enabling 2-step verification. 2-step verification requires you to have access to your phone, as well as your username and password, when you sign in. This means that if someone steals or guesses your password, the potential hijacker still can’t sign in to your account because they don’t have your phone. Now you can protect yourself with something you know (your password) and something you have (your phone).

    You can even use that extra layer of security to protect your data on other websites. Just look for the option to sign in with your Google Account, or to use the sign-in information of other companies that offer features like 2-step verification.

Set a safe password

It’s good to know that there are several ways to make your password stronger. Read the next topic: How to protect yourself against phishing