8 tips for safer passwords

IN: Help centre

When it comes to online banking, thankfully a hacker needs more than just a password to gain access to your hard-earned money. But many other online services don’t require any additional pieces of information in order to gain access.

To stay safe online, it’s vital to have a strong and unique password in place for all of your accounts.

So how do you take steps to strengthen your security?

1. Don’t use the same or similar passwords for all your accounts

This is the number one rule for online safety, yet a survey by Password Boss found that 59% of consumers still re-use their online passwords.

While only having a couple of passwords in play might reduce your likelihood of forgetting your password, it increases your chances of being a victim of theft or fraud too.

Think about it: if you use the same password to login to each of your accounts, it only takes one correct guess to compromise your entire online identity. Plus, even the simplest online shopping accounts will contain your address and date of birth – personal details that you don’t want a criminal to have access to.

2. Use your head, not your heart

According to a survey by Google Apps, the following passwords are the most common in the UK:

  • Pet’s name
  • Significant date (e.g. wedding anniversary)
  • Date of birth of partner / close relation
  • Child’s name
  • Other family member’s name
  • Place of birth
  • Favourite holiday
  • Something related to a favourite football team
  • Partner’s name

Clearly, we keep our passwords close to our hearts.

But this means that all a hacker has to do is try a few random sequences of numbers, put in some popular names, and do a quick check on social media, and they’ve unlocked both your password and, probably, the answer to your security question. It’s better to be safe than sentimental.

3. Avoid the usual suspects

Some of the most common passwords in the world are ‘12345’, ‘123456’, ‘qwerty’, ‘princess’, ‘hello’, and of course ‘password’ – and even if you add a few numbers to the end to make them more original, it’s still going to be the first port of call for hackers.

The same goes for using the name of the company – for example ‘Amazon123’ for your Amazon account. Try not to make it too easy for whoever wants to steal your data.

4. Embrace nonsense

Thanks to what’s known as ‘dictionary attacks’, passwords featuring real words are becoming increasingly easy to crack. Hackers simply use software that can test thousands of words and phrases in a matter of seconds.

One way to get round this is to use words that aren’t words. To make them more memorable, perhaps you could combine parts of a few words together.

Another suggestion is to pick a phrase known to you or a line from a song that other people would not associate with you and take the first character from each word to create a new word.


But don’t be too obvious about it. People have been swapping zero for ‘o’ and five for ‘s’ for years, and hackers are wise to it.

Where your online providers allow, you’re better off sprinkling a few random numbers and punctuation marks through a memorable password, and using a mix of capital and lower case letters. So ‘CashISA’ could become ‘cA91sh!iSA!93.’

Sound impossible to remember? Well, with that in mind…

6. Consider using a password management tool

These clever online facilities allow you to create a ‘vault’ of randomly-generated, long and complicated passwords for each of your online accounts. Many will also ‘audit’ your existing passwords to see how strong they are – and suggest alternatives to improve your security.

This way, the only password you need to remember is the ‘key’ to your vault. Just make sure it’s a strong one.

7. …or alternatively, use pen and paper

Be warned: the experts don’t advise writing your passwords down if you’re going to leave them lying around.

For example, you should never keep your ‘password paper’ on your desk at work or in your wallet – it’s far too easy to misplace or steal. But if you’re really determined to keep a paper record of your passwords, here are the best tips to keep it secure:

  • Never write the username / email address with the password – so if someone finds your list, at least they won’t have all your information.
  • Never write what the password is for – don’t label your password with “bank account” or “email”, for example.
  • Use a random page in a used notebook, rather than a single piece of paper – it’s less conspicuous.
  • Change your passwords slightly – for example, by adding three random characters to the end of each of them. You’ll be able to crack the code instantly, but someone else might struggle.

8. Change them every now and then

Most surveys say that people don’t like to change their passwords very often. Some are worried they’ll forget them, some know it’s important but tend to overlook it, and others simply can’t be bothered.

But now is a great time to break that trend. With eight handy tips for safer passwords under your belt, it might just be time to take a look at your online security, and make a few key improvements for the future. All it takes is a few clicks, and several stronger passwords.