At home

Top tips for a secure password

Share on Facebook Share on Twitter Share on LinkedIn Share on Xing Share by email

Do you have your own strong passwords you can remember for each individual account? If so, you're on the safe side. If not, find out here how you can create a secure password for all your accounts.

Tip 1: Choose a long and complex password

The first and most important tip for creating a secure password is that it should be long rather than short. The recommended length is at least twelve characters. But of course there is no point in having a password such as “AAAAAAAAAAAA”. Even simple number sequences or keyboard numbers such as “123456” and “qwerty” are anything but secure, as they are very easy for amateur hackers to crack.

It’s important for the password to have a certain degree of complexity as well as to be long. You can achieve this through a combination of lower and upper case letters, numbers and special characters.

““123456” was the most popular password in 2020, relegating the 2019 number one “12345” into eighth place. Others in the top ten include password, qwerty or login.”

Study by password manager Nordpass

Tip 2: Avoid common terms from the dictionary

The second tip we can give you for creating a secure password is to avoid words in the traditional sense, i.e. any combination of lower and upper case letters, special characters and numbers that can be found in the dictionary.

Here's an example: from a formal perspective, “G-7-summit!?” meets the requirements of a secure password, as it comprises a variety of at least twelve characters. However, as it contains a proper word, it is less secure. Why is that? Hackers use small programs (scripts) to easily check every word in the dictionary, making it very quick for a password to be hacked. You can already see here that several tips and tricks are required to create a really secure password.

Tip 3: Do not include any personal data

Today most people surf the interest a great deal and use every online and social media platform. In doing so, they often inadvertently share a great deal of data and information about themselves. If a user has a rabbit called Maxi, drives a new Audi and is a big FC Barcelona fan, this already gives hackers three potential passwords to try out.

For this reason, even if you choose passwords like these so that you can remember them easily, they are anything but secure. Hackers have many ways of trawling through your personal internet profiles and collecting the information they need for cracking your password. So another tip for a secure password is to create one that has no content relating to you personally.  

  • Teaser Image
    Protection against cybercrime?

    Hacking, phishing, malware: wow can you as a user identify online threats and risks and protect yourself against cybercrime?

    Read the blog

Tip 4: Use a password generator

Our fourth tip for creating a secure password is to use a password generator, as it’s very difficult creating strong passwords yourself. When we try, we always lapse into certain patterns, making the process transparent.

That doesn’t happen with password generators, as they work on a random basis with guidelines and tips for secure passwords. They don’t use patterns, but instead create long and complicated passwords completely automatically.

Tip 5: Use a different password for every account

This tip is particularly important for creating a secure password. If you specifically use the same password for several accounts, it makes it particularly easy for hackers to gain access to all these accounts. This can have serious consequences for you, particularly for payment platforms or bank accounts. You should therefore create a separate password for every account so that you’re always on the safe side.

“More than 80 percent of the security breaches caused by hackers can be traced back to weak or stolen passwords.”

Katrin Sprenger, CEO of Silenccio

Tip 6: Install a password manager

If you use a different password for different accounts, you know that it’s impossible to remember them all. This is when password managers can be helpful. These are programs you install on your devices to save and manage your access data. Your data is also secured with a master password. This enables you to create a secure password for every account and platform without having to remember each one.

You therefore don’t have to worry about the safety of your data, as this is saved in encrypted form in the password manager. This means that it can only be found locally on the devices on which you installed the password manager.

Tip 7: Use two-factor authentication

Creating a secure password isn’t the only thing you can do to protect your data - there’s also two-factor authentication. As the name suggests, another step is added to the standard login comprising user name and password. This factor is transmitted via an app to the platform or SMS to you. Only after successful input can login be achieved.

Two-factor authentication significantly increases the security of your login. This is because it is no longer linked to a pure data set, but additionally to a physical end device, which in most instances is a mobile phone.

The likelihood of hackers stealing both factors, the data set and your end device is very low.

Tip 8: Change your password regularly

It makes sense to create a new secure password after three to six months. If you notice any discrepancies in one of your accounts, you should definitely change the respective password immediately.

Even when using publicly accessible Wi-Fi which is therefore not secure, the risk increases of your data on the end device you used being read. Data leaks on major platforms such as comparis.ch or LinkedIn are also increasing. So another tip for a secure password is to change it regularly. 

Frequently asked questions about password security

Katrin Sprenger, CEO of Silenccio and cyber risk expert, answers the most important questions about password security.

There are often standards applicable to passwords. Don't they make things easier for hackers to hack into a password?

No, because the standards simply define the framework conditions and are basically there to make passwords more secure. Even if these standards initially seem tiresome, they are there to increase security.

Obviously I realize that I should have a secure password for e-banking, but is it really necessary to have a separate password for every online shop?

If the same user name is used, e.g. email address, it's advisable to use different passwords.  This is because if, in this instance, hackers have access to an online shop, they have access to all online shops used with this combination. The risk of consequential losses therefore increases substantially.

Does the master password for the password manager have to be even more secure?

The same rules and tips for creating a secure master password apply as they do to regular passwords, but you must always be able to remember it. If you can't, the saved access details will no longer be available in the worst case scenario. This means that access to the accounts managed through the password manager will have to be manually reset and reconfigured. To increase security even more, you can install two-factor authentication with many password managers.

What do cyber criminals do when they hack passwords?

A password is hacked if attempts are made through trial and error to guess the password. If, for example, a password only comprises a few numbers between 0 and 9, few attempts are required before the password is hacked.

As the complexity of the password increases - through the combination of uppercase and lowercase letters, numbers and special characters - the number of attempts needed to guess the right combination through trial and error also rises.

Is it necessary to use as many special characters as possible to create a secure password?

Ultimately the best tip for creating a secure password is to use a mixture of length and combination of different characters - it’s less important to use just special characters or a particularly large number of them.

Associated articles

AXA & You

Contact Report a claim Broker Job vacancies myAXA Login Customer reviews GaragenHub myAXA FAQ

AXA worldwide

AXA worldwide

Stay in touch

DE FR IT EN Terms of use Data protection Cookie Policy © {YEAR} AXA Insurance Ltd