We use cookies on the site to improve our service. By clicking any link you are giving consent for use of cookies. Click here for more information


Your passwords are the most common way to prove your identity when using websites, email accounts and your computer itself (via User Accounts). The use of strong passwords is therefore essential in order to protect your security and identity. The best security in the world is useless if a malicious person has a legitimate user name and password.

Get started...
  • Always use a password.
  • Ensure you use strong passwords, and do not disclose them to anyone else.

Passwords are commonly used in conjunction with your username. In some cases you will also be asked to enter only certain characters of your password, for additional security. However, on secure sites they may also be used alongside other methods of identification such as a separate PIN and/or memorable information. 

Additional authentication is also gradually being introduced, to the point where some experts are saying that the use passwords will eventually become redundant. Examples are Microsoft's new Windows 10 operating system - where users will enter a PIN or biometric identification such as a fingerprint reader, as well as their username and password.  A Windows 10 mobile device will also provide the means for its user to provide credentials by very possession of the device itself.

The Risk of Using Weak Passwords

  • People impersonating you to commit fraud and other crimes, including
    • Accessing your bank account
    • Purchasing items online with your money
    • Impersonating you on social networking and dating sites
    • Sending emails in your name
    • Accessing the private information held on your computer

Choosing the Best Passwords


  • Always use a password. There are no hard and fast rules about making up a safe password, but you could consider the following suggestions:
  • You could choose a password with at least eight characters (more if you can, as longer ones are harder to guess or break), a combination of upper and lower case letters, numbers and keyboard symbols such as @ # $ % ^ & * ( ) _ +. (for example SP1D3Rm@n – a variation of spiderman, with letters, numbers, upper and lower case). However, be aware that some of these punctuation marks may be difficult to enter on foreign keyboards. Also be aware that commonly-changed characters such as E to 3 or l to 1 are well-known to criminals. 4. Setting up consistent symbol replacement and capitalization rules for all your passwords helps keep things from becoming too complex.
  • You could use two or more unassociated words, such as what you see out of the window, or on your desk (for example MagpieDrainpipe or MonitorMouse).
  • You could use the line of a song - but not one that other people know is your favourite.
  • Somebody else's mother's maiden name (not your own mother's maiden name).
  • Pick a known phrase (known to you) "Tramps like us, baby we were born to run" and take the first character from each word to get "tlu,bwwbtr". Of course, this will not work when the site demands at least one numerical character in your password.
  • Consider using a secure password generator, such as https://identitysafe.norton.com/password-generator


  • Use the following as passwords:
    • Your username, actual name or business name.
    • Family members’ or pets’ names.
    • Your or family birthdays.
    • Favourite football or F1 team or other words easy to work out with a little background knowledge.
    • The word ‘password’.
    • Numerical sequences.
    • A commonplace dictionary word, which could be cracked by common hacking programs.
    • When choosing numerical passcodes or PINs, do not use ascending or descending numbers (for example 4321 or 12345), duplicated numbers (such as 1111) or easily recognisable keypad patterns (such as 14789 or 2580).

Looking After Your Passwords

  • Never disclose your passwords to anyone else. If you think that someone else knows your password, change it immediately.
  • Don't enter your password when others can see what you are typing.
  • Change your passwords regularly.
  • Use a different password for every website. If you have only one password, a criminal simply has to break it to gain access to everything.
  • Don’t recycle passwords (for example password2, password3).
  • If you must write passwords down in order to remember them, make sure they are meaningless to, and unusable by other people by writing them in code (substituting the characters in your password with others that you can remember, or easily work out).
  • Do not send your passwords by email, or enter them on a website to which you are directed from an email, social media link or phone call. No reputable organisation will ask you to do this.
  • Don't store your passwords on your computer or mobile phone, in case they are stolen or accessed by unauthorised people.

Many people use the same password on more than one account, which as mentioned above can be dangerous if it is compromised on just one of your accounts. Rather than writing them down or storing them on your device, consider using one of the many electronic 'password safes' available on the market.

Controlling User Accounts

Everybody who uses a computer should be assigned their own user account so that only they can access their files and programs. Each user account should be accessible only by entering a username and password in order to safeguard users’ privacy. Other user account features can also be set up in user accounts – including parental controls (Windows Vista and Windows 7 only). 

Do not use an account with administrator privileges for everyday use, as malware could assume administrator rights. Even if you are the only user, set up an administrator account to use when you need to carry out tasks such as installing programs or changing the system configuration, and another ‘standard user’ account as your regular account. If you are not logged in as administrator, you will be prompted to enter an administrator password when you install a new device driver or program. You can manage user accounts in Windows Control Panel. 


See also...


Preventing Identity Theft
Your identity is precious. Keep it that way with a few simple precautions.

Maintain privacy and avoid identity theft or fraud.