Setting up strong passwords is probably the simplest, most effective thing you can do to stay safe when you’re on the internet.

Avoiding weak passwords

Weak passwords are made up of common words, numbers or keyboard patterns. Some examples of weak passwords that are used a lot include:

  • password
  • 123456
  • qwerty
  • password1

These passwords are very easy to guess, so if someone is trying to gain access to one of your online accounts, they will try these.

Choosing a strong password

A strong password is difficult for anyone to guess or 'crack'. When you sign up for an account and choose your password, many websites will give you an indication of how strong your password is. It will also specify if the password needs to include numbers, letters, and symbols.

A strong password should:

  • be at least 8 characters long (preferably 12)
  • include a combination of upper- and lower-case letters
  • include some numbers and keyboard symbols such as & or !
  • not include personal information, such as your name, any usernames, your date of birth, or any family member's details.
  • not include common words like 'password'

Choosing different passwords

Use different passwords for different websites or accounts. It can be tricky to remember lots of different ones, but if you have the same password for all accounts and a stranger or hacker gets access to your account on one site, they'll be able to log in to all your accounts.

It's best not to recycle passwords (for example password2, password3), as these are still very easy to guess if someone gets hold of one of your passwords.

If passwords with numbers and symbols are too hard to remember, using three random words together can make a stronger password, as long as those words don't contain your personal information.

Being careful writing down your passwords

Never write down your password. If you need a written reminder, try to write a hint that only you’ll understand, rather than the actual password. 

If you do write anything down, keep that information somewhere safe and away from your computer.

Using password managers

Some internet browsers have built-in password managers. This is software that remembers your passwords for different sites and fills them in for you automatically when you need them.

When you log in to a website for the first time, the password manager will ask if you want it to remember the password. You have the choice if you want it to or not. It can save time to use this function, but it only works on your own computer.

Password managers make it easier to use different strong passwords for each separate account, because it remembers them for you.

However, you should make sure that your computer needs a password or PIN to access it. And it's worth noting that your login details will be available to anyone you share the computer with so make sure it’s only shared with people you trust – and don’t use the password manager anywhere public, like the library.