Jump to Main Content

How to create a strong password

man smiling at his phone

These days, we do so much online – shopping, banking, booking vacations, watching TV, ordering groceries and more. All these sites require passwords, and many have your financial information on file – like the credit card you use for Amazon and Netflix. This provides hackers with plenty of opportunities to crack your password and steal your financial and personal information. If they manage to crack your online banking password, they can access your money directly. Here are our tips for creating the best password to protect your information.


Meet password requirements

Most sites have basic requirements for good passwords, but even if they don’t, make sure to:

  • Use at least 8 characters

  • Include a mix of upper case and lower case letters, numbers, and special characters


Use different passwords for different accounts

65% of people admit to reusing their passwords across multiple accounts, which makes it really easy for cyber criminals to access multiple accounts. They get their hands on the password for one account and try using it to sign into other sites - like your online banking account. On average, people use the same password for up to 14 accounts - that’s how many accounts a cyber criminal could gain access to if they get your password! The good news is, it’s easy to protect yourself.

  • Don’t re-use passwords.

  • Create a different, strong password for each account and protect it.

  • Make absolutely sure that your online banking passwords are unique and secure - cyber criminals frequently target online banking for attacks based on password re-use.


Avoid obvious passwords

Shockingly, many people use passwords that are really easy to guess. Some of the weakest (yet most commonly used) passwords include:

  • 123456

  • password

  • 111111

  • Qwerty

Even passwords that you think are stronger because they meet the minimum requirements are still easy for hackers to guess. For example:

  • Fall2019!

  • P@ssw0rd


Use a passphrase

Make your password strong, plus easier to remember, by using a passphrase instead. Hackers tend to collect common passwords and stolen passwords and then use them to quickly guess your password. A passphrase – a sentence or phrase used as a password – is hard for hackers to guess but can still be easy for you to remember. Here are some examples:

  • KeepingEvery1SAFE!

  • Easy2remember&SAFER

  • 2bOrNot2bThatisthe?


Make your password hard to guess

Hackers browse social media sites for information that people typically use for passwords, so avoid using anything someone could guess from looking at your online profile, like:

  • Your birthday

  • Your pet’s name

  • Your address

  • Names of family members

  • Hobbies

  • Favourite sports team, band, or celebrity


Change your passwords often

It’s always a good idea to change up your passwords, even if you don’t have to. We are constantly monitoring what fraudsters are doing and periodically changing our password requirements to make sure that our Members have the most current protection from financial fraud and identity theft.

If you haven't changed your password recently, you may be at a higher risk of fraud, as password requirements are only applied when passwords expire.


A version of this article was originally published on September 27, 2019.


Learn more about protecting yourself

How to spot and avoid phishing scams
How to prevent e-transfer fraud
Our commitment to privacy and security