Skip to main content

Using Strong Passwords

Strong passwords are the first line of defense in keeping an account safe. If a password is easy to guess, a malicious actor may be able to access the account and any information stored on it, including personal and financial data. Using strong, unique passwords for each account is a simple and effective way to help keep your information secure. 

A password should be unique to you and only something you know. It should use a combination of upper and lower case, numbers, and special characters (such as @, #, $, etc.). 

A password should not be any word found in the dictionary. Avoid using common phrases, quotes, and song lyrics. Because of their popularity, they are often easy to guess. Letters and numbers in alpha order (ABCDEF) and numeric order (123456) should also be avoided.

Just because a password meets the password requirements does not mean it is strong. Many passwords that meet requirements can be easy to guess because they follow the same pattern. For example, if a number is required, a “1” is typically added at the end. The upper-case letter requirement will likely result in it being the first letter in the password, and the special character requirement is frequently met with an exclamation mark. 

To create a strong password that meets requirements, mix in an assortment of letters, numbers, and special characters in places that make it easy for you to remember but difficult for others to guess. Replace some letters with similar numbers or special characters, like using “@” for “a” or “3” or “e”.

To further secure an account, consider using a passphrase as a password. Passphrases use an entire phrase or sentence in place of a password, but because they are unique and meaningful to you, they are easy to memorize.