Create a strong password for better fraud protection

Make it one that you can remember!

A password for your email. A password for your social media. A password to access your financial accounts. A password for … well … everything. And it needs to be 8 characters, unless it needs to be 12 characters. Or 15. Please use a capital letter and a number, or a number and a special character, or maybe all three. Make it strong. Make it unique. Don’t write it down.

And remember it. Them. All of them.

Length equals strength

There are several factors that go into making a strong password, but chief among those is length. Traditionally passwords were eight characters, and some websites still enforce an 8-character limit. But wherever possible, a password of no less than 12-15 characters is stronger.

One way to create a password that long is to use a pass phrase: a sentence that you can remember. For instance, consider the sentence: I think passwords can be a lot of trouble to manage. That sentence is 41 characters long, not counting the spaces. Even without special characters or numbers, the website gives this pass phrase a score of 100 percent. Add some numbers, capital letters and special characters and it will get even stronger; e.g. I think passwords can be a LOT of trouble to (1) manage! If you’re working with a site that doesn’t allow spaces, just add a dash between the words. It substitutes for the space and acts as a special character.

Not only are pass phrases longer and therefore more secure, they are easier to remember. Just make sure to avoid famous quotes that can be looked up and common expressions that can be guessed. It might surprise you to learn that the quote, “One if by land two if by sea” appears on a list of common passwords. Instead use a sentence that makes sense to you, but which can’t be found in any book or source.

How it works

Pass phrases work because the tools hackers use to crack your password begin to lose effectiveness after 10 characters. The more characters you add, the more the hacking tool breaks down. And a phrase is easy to remember, easily accommodates the complex rules for creating passwords, and is allowed by all the major operating systems.

In the future, fewer institutions will require passwords or phrases. They will be replaced with biometric identifiers, like fingerprints or some yet-to-be-developed technology. Until then, the pass phrase is your best bet for foiling the hackers.


Back to fraud resource articles

Go to main navigation