Home Bank accounts
Credit cards
Savings and investments
Home Banking Solutions
Credit Cards
Going Further
Tips and Tools
Wealth Management

How to create a strong password

02 August 2019 by National Bank
Take precautions against identity theft

Passwords are part of our everyday lives. We use them to access emails, electronic devices, accounts and apps. In other words, they safeguard our private, sensitive information. Coming up with a password that's convenient (easy to remember) and secure (hard to guess) is always a challenge. If you'd like to learn more about passwords and how to effectively secure your accounts, read on.

Common pitfalls when creating passwords

Want to make the most of technology without compromising your security? Here are the most common pitfalls to avoid when creating a password:  

  • Making your password too short and simple

Resist the temptation to pick a short, simple password or a password based on your personal information. Here are some examples: a series of numbers ("12345"), letters in alphabetical order ("abcd"), your year of birth ("1956") or the name of your dog ("Fluffy"). These types of passwords are easy to hack and should be avoided at all costs.

  • Using the same password for all your accounts  

When you reuse the same password for several apps or websites, you're at greater risk of falling victim to identity theft. Cybercriminals often buy stolen identifiers and try them out on many sites. By using a single password across the board, you're making their job a lot easier.

  • Keeping your passwords in an unsecured location

Storing your passwords on your phone, in an email or in a notebook is never a good idea. Keeping your passwords in an unsecured location means that your information is likely to be compromised if your phone, laptop or other belongings are lost or stolen.

  • Sharing your passwords

Confidentiality should be your top priority when it comes to managing your passwords. When you disclose your password to another person, you're giving up control. Even if they don't have bad intentions, they could lose your password or reveal it to someone else. In short, you've increased your risk of identity theft.

Now that we've looked at what not to do, the question remains: how do you create a strong password?

What makes a strong password?

Basically, you're looking for a password that's easy to remember but impossible to guess. Follow the internationally recognized best practices set out by the National Institute of Standards and Technology (NIST) and start creating passwords like a pro.

Longer passwords are more secure

Aim for a password that's 12 to 21 characters in length. Experts say that a simple 7-character password can be cracked in a few milliseconds. A password needs to be at least 12 characters long to be considered strong. And a password with 21 characters is virtually un-hackable using current technology.

You may not want to use the maximum number of characters, but keep in mind that every character you add increases the security of your password exponentially.

Afraid of forgetting such a long password?

To come up with a long password you'll be able to remember, think of a simple sentence like "going to Toronto" or a series of random words like "zone of zebras." You can write the phrase with spaces between the words or without (spaces will count as special characters), or with dashes, numbers, or other symbols.

Good to know

Contrary to popular belief, using special characters does not increase the strength of a password. A short password is easy to hack, regardless of what it contains. Basically, a long phrase is better than a single word filled with % signs.

Even so, some sites still require special characters to be used in their passwords. If this is the case, choose a 3 to 5 word phrase and insert special characters as needed, such as "!$%?&*;:=+()/" symbols, numbers and upper case or lower case letters.

Password managers: A smart option

A study conducted by Dashlane, a password management application, estimated that in the near future the average internet user will have 207 online accounts. So while experts recommend creating a separate, long password for each account, remembering hundreds of them is virtually impossible.

Using a password manager is a great idea for people with a large number of passwords.

What does it do? A password manager will save you the trouble of memorizing all your different login details. It will also generate passwords for you automatically.

How does it work? The app stores all your passwords in one place. You just use a single password, which serves as a "master" password. When you enter this master password, the app will automatically fill in the fields when you log in to your various accounts.

Is it secure? Since these password managers are a point of entry to all your accounts, your master password needs to be un-hackable. A strong password is key when it comes to using this type of app effectively.

Be careful when shopping online for apps that will be granted access to your login details and personal information. Always double-check the source before sharing any confidential information.

With recent advances in biometric identification (fingerprint scanning or facial recognition), experts have been predicting that passwords will become obsolete for several years now. But in the meantime, these tips and tricks can help you manage your passwords as effectively and securely as possible. If you'd like to learn more, read about avoiding phishing scams and online fraud.

Legal disclaimer

Any reproduction, in whole or in part, is strictly prohibited without the prior written consent of National Bank of Canada.

The articles and information on this website are protected by the copyright laws in effect in Canada or other countries, as applicable. The copyrights on the articles and information belong to the National Bank of Canada or other persons. Any reproduction, redistribution, electronic communication, including indirectly via a hyperlink, in whole or in part, of these articles and information and any other use thereof that is not explicitly authorized is prohibited without the prior written consent of the copyright owner.

The contents of this website must not be interpreted, considered or used as if it were financial, legal, fiscal, or other advice. National Bank and its partners in contents will not be liable for any damages that you may incur from such use.

This article is provided by National Bank, its subsidiaries and group entities for information purposes only, and creates no legal or contractual obligation for National Bank, its subsidiaries and group entities. The details of this service offering and the conditions herein are subject to change.

The hyperlinks in this article may redirect to external websites not administered by National Bank. The Bank cannot be held liable for the content of external websites or any damages caused by their use.

Views expressed in this article are those of the person being interviewed. They do not necessarily reflect the opinions of National Bank or its subsidiaries. For financial or business advice, please consult your National Bank advisor, financial planner or an industry professional (e.g., accountant, tax specialist or lawyer).