How to create a strong password
Passwords are your line of defence in the digital world. They keep your personal information safe and prevent unauthorised access to your computer and to your online accounts. Your electronic devices are home to a lot of sensitive and precious information, from bank details to data privacy, and having a strong password keeps your financial and personal safe.
On this page, we explain what makes a password strong (and weak), provide tips for how to create a strong password and look at how often you should change your password.
What's on this page
How does a password get hacked?
There are several ways that cyber criminals can hack passwords. Whether they use hacking technology, brute force or phishing, there are ways to break through.
Here are some of the common ways that hackers will try to crack your password.
1. Brute Force
Automated software runs through every combination in the book in seconds until it finally hits on yours. As the name suggests, this is a serious line of attack against your defence system. There are incredibly advanced hacking systems out there that can hit the staggering number of 350 billion guesses per second.
These brute force hacking systems tend to veer towards passwords of 12 characters or fewer, so when setting your password, length truly does matter.
Phishing is a way in which scammers can get you to unwittingly share your personal information or password with them. They may send you emails pretending to be your bank or credit card company, which will then link you to a fake site made to look like the bank site where you will be asked to input your data and personal information. This can also happen through scam phone calls.
3. ‘Dictionary’ software
While the brute force attack will try every combination of letters, numbers and symbols, the dictionary attack focuses on words. If you use a regular word as your password, odds are the dictionary software will be able to crack it. You may be able to dodge the dictionary attack by using a series of words together, especially if they are multiple words that commonly don’t go together (see our tips on how to make a good password below).
Top tips for creating a strong password
So how do you create a strong password? A good password should be something you remember…but also something that no one else would be able to guess.
It should be long, have a combination of different characters, and should be one of a kind, meaning you don’t use the same password anywhere else. Understanding what makes the difference between a weak and a strong password, and knowing general security tips for keeping your accounts safe, is good practice for all online users.
What makes a password weak?
A weak password can be simply not having a password at all or having a password that is easy to guess. If your password is something obvious, like the name of your company, your name or birthdate, or something like ‘password’ or ‘1234’, this is considered a poor line of defence.
What makes a password strong?
A strong password is tricky to crack – even with highly sophisticated software. It normally contains a mixture of letters, numbers and symbols, more than seven characters, and isn’t at all linked to any previous password or anything to do with your business name.
You can create your own password or you can generate one with an offline password generator. In a nutshell, this is what makes a strong password:
- More than seven characters
- A mixture of symbols, letters and numbers
- A mixture of uppercase and lowercase letters
- Is different to previous passwords
- Doesn’t contain your name / business name / any obvious information
How to create a strong password
Need help creating a password? Here’s how to make a good password:
- Choose three or four random words and put them together
- Use a memorable phrase that’s personal to you
- Create your own acronym
- Play around with patterns on your keyboard when picking letters
- Spell things incorrectly on purpose
- Throw in random spaces and brackets
- Repeat words when you have a short password
- Swap letters around at random
- Include punctuation
- Swap letters for similar looking numbers, e.g. O becomes 0, and A becomes 4
How often should you change your password?
Experts recommend changing your password at least every three months, or even every month if your password is for sensitive information, such as financial data.
Good security measures to practise
Keeping data safe doesn’t just stop at a password, and there are other good practices you should get into the habit of when it comes to protecting your online data. Here are some dos and don’ts that will help keep your data safe:
Having a solid and secure password is essential for keeping your information safe. With the rise of online banking, financial apps and so much of our personal data being stored online, it’s important to take the necessary steps to stay safe.
The simple measure of having a strong password in place can give you a fighting chance and keep the brutes and phishers at bay.
Get the inside scoop
Want to be in-the-know on all things savings?
Of course you do. Sign up and be the first to find out about top rates as soon as they land,
exclusive account holder-only offers, and the latest money news.
You’re now just one step away from receiving exclusive rates and offers as soon as they land.
To complete your registration, please confirm your email address by clicking the link in the email we’ve just sent you. If you can’t see the email in your inbox, it may have gone to your junk or spam folder instead.