Skip to main content

Creating unique and secure online credentials

Everyone knows you shouldn't use "password" as your password. But what should you use? These tips and tricks will help protect your online logon profiles.

Do this with your password

Your password should be:

  • Reasonably complex and, preferably, at least 8 characters long.
  • Different from your passwords on other websites.
  • Changed on a regular basis.

Don't do this with your password

Your password should not be:

  • Written down, stored unencrypted on your computer or mobile device, or shared with anyone.
  • A common word or close variation.
  • Given out over the phone.
  • Composed of anyone's Social Security number, name, or other personal information.
  • Composed of three or more sequential letters, numbers, or keyboard patterns (e.g., QWERTY).
  • A minor tweak of your old password. (For example, if your previous password was bikerider23, your next password should not be bikerider24.)

Secure and memorable passwords

Try these tips to create a password that's both easy for you to remember and hard for others to guess.

Combine two or more words or abbreviations with numbers.
For example, cpU34ChiP.

Remove vowels from a phrase and add numbers.
For example, swim twenty laps becomes swm20LpS.

Abbreviate a favorite phrase.
For example, I ride my bike 50 miles every Saturday becomes iRmB50meS.

Use famous people's initials.
For example, a list of U.S. presidents including George Washington, Abraham Lincoln, and Thomas Jefferson becomes 1Gw2Al3Tj.

Note: Don't use any of these examples as your password.

Security questions and answers

To create security answers you can remember in the future, follow these simple tips:

Use one-word answers whenever possible.
Avoid qualifiers such as "the," "and," "Inc.," "co," etc.

Note the emphasized words in the questions.
For example, if your security question is "What is your current best friend's FIRST NAME?" don't put "John Smith."

Be careful with people's names.
When using a friend's name as an answer, make sure to use his or her familiar name. That is, if you call your friend "Jimmy," don't use "James" as your security answer.

Be careful with quirky answers.
Quirky or nonsensical answers could help you stay secure—if you're certain you'll remember them later.

Don't use profanity.