
Top tips for strong password management


17 November 2025

Cyber criminals often look for accounts that are easy to break into, but you don’t need to be a computer expert to keep your information safe - just a few simple habits can stop them in their tracks.

Passwords are one of the most important tools you can use to protect your information online. However, they are only effective if you protect them well and they are difficult to guess.

If you are not using a password manager (scroll down for more info on this) it is worth taking the time to make sure your passwords are as strong as possible. Here are some tips for creating strong passwords:

  • Don’t use obvious passwords, such as PASSWORD or 123456.
  • Don’t use personal information, for example, your name, your date of birth, or the name of your partner, child or pet – these are easy to find out and another obvious thing for a hacker to try.
  • Use long passwords where possible – at least 8 characters, but ideally more.
  • Use a mixture of lower- and upper-case letters, numbers and special characters (punctuation and other symbols).
  • Change your passwords regularly, and immediately if you think someone might know what they are.
  • Use a different password for each account: even if you have a particularly strong password and protect it well, you should not use it for more than one account.
  • Never write your passwords down: this creates a huge security risk. It is much better to use a password manager.

For even stronger password protection, consider using a password manager

Using a password manager is the best way to have strong passwords for all your accounts without the stress of having to remember them.

A password manager is a type of online account that can securely store passwords for all your other online accounts. It will store your passwords in the cloud, a very large type of data-storage software that can be located almost anywhere, or even across several different locations, and is accessed using the internet.

There are many password managers available, and each works slightly differently. Generally, they create different long and random passwords for each of your online accounts, store these for you and enter the right one automatically when you visit the login page. You just need to set and remember a very strong master password for the password manager itself.

Turn on two-factor authentication

Two-factor authentication, or multi-factor authentication, is when an account is protected with more than one type of security. This means that if someone were to find out your password, this alone would not be enough for them to access your device or account.

You will usually need to enter your password as normal and then do something else. This could be entering a code sent to your mobile phone, for example, or using your phone to scan your fingerprint.

The Cyber and Fraud Hub website provides guidance on setting up two-factor authentication. Visit cyberfraudhub.org/2fa.

For more information on keeping your information secure, visit our Staying Safe Online page and get your free copy of our information guide today.