Create Strong Passwords, PINs and Security Questions

Passwords should include capital letters, special characters and numbers. A strong password is about 12 characters long. Making a strong password is not easy but necessary.

  1. Think of a phrase as the base of your password  
  2. Use the first letter of the words in the phrase to create your password
  3. Capitalize one or more letters
  4.  Add a special character
  5. Add a number or two

Instead of thinking of a word for your password, try remembering a phrase. For example, take the phrase “My dog Ellie likes to eat ice cream at Tim and Doug's” and select the first letter of each word, in this case it would be “mdElteicatad.” Add a special character or swap out a letter for a special character. In most passwords these are the allowed special characters +_%@!$*~. Then, add a number but not a number that someone would easily guess. For this example the password would be “mdElt3ic@tad”.

Avoid using a Social Security number, date of birth, account number or address.

It can be difficult to create a strong password and troublesome to remember passwords for each online service. Do not write your passwords down and leave them in a place easily found. If you write down your passwords, keep them in a safe place or locked file.

Update passwords regularly and make sure your passwords vary for each account.

Personal identification numbers (PINs) can be used to access funds on a debit card or might be used to unlock cell phones. Just like passwords, PINs should never be shared with others. PINs should not be written down but if they do need to be written down, be sure they are in a safe place or locked file.

When choosing a PIN, remember the following:

  • Avoid using numbers that would be easily guessed, such as numbers that relate to you or a family member’s birth date, Social Security number, account number or home address
  • Refrain from using consecutive numbers such as 4321 or 1234
  • Repeating numbers such as 0000 or 8888 should not be used as PINs.

When providing answers to security questions for online accounts, it is important not to use answers that can be easily guessed or found online. Here are a few best practices to consider when setting up online accounts:

  • Avoid choosing questions that can be answered by accessing public records. For example, the city you were born or your date of birth. This information can be easily researched.
  • Do not give answers that can be found on social media sites, such as the name of your pets or the company where you work. It’s also good to avoid social media quizzes that ask questions revealing answers that you would choose for security questions.
  • Try not to answer questions truthfully. Come up with a phrase that can be easily remembered.
  • Use a combination of numbers, letters and special characters when answering questions.
  • Give answers that don’t correspond with the question. If you don’t think you’ll remember the answers, make an offline record and file in a safe place or locked file.

Scammers go to great lengths to steal personal information. Creating strong passwords and carefully choosing answers to security questions are only a couple of ways to help protect against fraud.