Password advice

We now use the Internet for a wide range of activities, including online banking, online shopping and online research. Increasingly, we’re also using the Internet to socialize. In the last few years there's been a massive growth in the number of social networking sites. We share all kinds of personal details as well as music, pictures, and videos.  Unfortunately, the more personal details we make available, the more exposed we are to online identify theft.

Given that passwords protect such valuable data, they're clearly very important. You should protect all your online accounts with passwords - but you must be careful when choosing them.  Passwords help safeguard you against identity theft. They make it harder for cybercriminals to profile you, access your bank account (or other online accounts) and steal your money. 

Choosing a good password is an important part of lowering the risk of becoming a victim of cybercrime. The following guidelines should help you when choosing passwords for your online accounts.

Add extra security with 2-Factor-Authentication: Two-factor authentication adds a second level of authentication to an account log-in. When you have to enter only your username and one password, that's considered a single-factor authentication. 2FA requires the user to have two out of three types of credentials before being able to access an account. Learn How

This site,, will tell you how strong your passwords are.

How to choose a strong password and other safety precautions:

  1. Don't use variations of any obvious people, numbers, or things related to your life. This includes names, addresses, phone numbers, social security numbers, or variations of any of these. Don't use words or phrases. Don't use the first letters of each word in common phrases. Do use a combination of random numbers and letters. Many financial institutions will provide a random password and/or user name for you; use these. If possible change the password to one only you know, and change it online over a secure connection into the bank or credit union's official web site.  Don’t recycle passwords, e.g. don’t use 'password1', 'password2', 'password3', etc. for different accounts.

  2. Don't write your password down.  Make your passwords memorable, so that you don’t have to write them down or store them in a file on your computer (remember, this file could be stolen by cybercriminals).
    and if you do . . . If you right down your password you make it possible for anyone who has access to your house, whether legally or not, to gain access to your account. If you do want to have it in writing, in case you forget it, write it down, and place it in your physical deposit box (yes, sometimes you still need a physical place) or a safe.

  3. Don't use the same password or user name again.  Many online stores and even some information based web sites require that you register to use their service, and that requires having a user name and password. No matter how easy it seems to have one user name and password for all your Internet accounts, don't do it. If you desire convenience, create one password and user name combination that you use for all your non-bank accounts. If an online store, or any web site, sends you an email confirmation that contains a new password, login again and change your password immediately.  

  4. Don’t use the same password for multiple accounts. If a cybercriminal finds the password to one account, they can use to access other accounts.

  5. Create a different password for your financial institution. Remember, many web sites don't have the security your online financial institution does. Don't allow your password to inadvertently be revealed or misused.  

  6. Don't save the password on your computer.  Many modern browsers allow you to save passwords on the computer's hard drive and have them come up as you type in your username. It may be convenient, but you allow anyone with access to your computer, whether for a couple of minutes or hours, the ability to access your account. It may never happen, but don't make it easy for your account to be accessed.

  7. Log-off your account and close your browser when done. Many financial institutions will automatically log you out of your account if you don't use it for a set amount of time, usually five or ten minutes. This step is to make sure only you use your account. If you happen to step away, your account will not be open for hours to anyone who could come along. Even if your financial institution offers this service you should log-off of your account immediately when you are done using it. Additionally, if others people use the computer, you should shut down your entire browser to insure that previously viewed pages will not be accessible.

  8. Anti-Virus / Malware Software.  Check that your Internet security software blocks attempts by cybercriminals to intercept or steal passwords.

  9. Change Passwords Often. It is best to periodically change your passwords as an added precaution to remain as safe as you can. It is recommended to change your passwords every few months.