Language selection

OPC Logo Office of the Privacy Commissioner of Canada

Search

Tips for creating and managing your passwords

March 2018

Passwords are a way of keeping your personal information safer on your electronic devices and the Internet. Setting passwords can help you control your information and help prevent your personal information from being stolen. If someone gets your password, they may be able to get into your accounts, see your activities and even pretend to be you.

How to choose a strong password

  • Use a unique password for each website, account, and device that you use.
  • Avoid obvious choices such as mother’s maiden name, child’s name, pet’s name or any reference someone may be able to guess through information you have posted elsewhere.
  • Make passwords eight or more characters.
  • You should choose a password that you will remember, but that won’t be easy to guess. You may want to use a phrase for your password, or the acronyms method, where you use the first letter of each word in a sentence. For example, “I always play tennis with 2 friends on Thursdays at 4.” could become this password, “Iaptw2foTa4.”.
  • If you’ve purchased an Internet-connected device such as a webcam, be sure to change the default or factory passwords. These default passwords are often widely known by hackers. You can usually do this from your device’s “settings” under the heading “security.”
  • Allow multi-factor authentication where possible. Traditionally, you access an account or device with something you know, like a username and password. Multi-factor authentication adds an extra layer of protection that requires something you have (like a mobile phone, ID card or other physical device) or something you are (like a fingerprint or voice recognition). Multi-factor authentication is a great tool for sensitive accounts, like mobile banking or password managers.

Managing your passwords

  • Keep your passwords private. Sharing your passwords with someone else can be a big privacy risk.
  • Don’t use the “remember password” feature on your browser or device. Automatic logins can be convenient, but are not a good idea if you are sharing a computer.
  • Use the automatic lock features on your mobile devices. This feature ensures that a password, swipe pattern or PIN is required to unlock the device. Some mobile devices even have a fingerprint or facial recognition feature that you may want to use to unlock the device or a specific app.
  • If you’re thinking of using a password manager, you should know that having all your passwords in one place can be risky. We do not recommend using a password manager for sensitive accounts, such as your online banking. Do your research and find a password manager you think you can trust. Use a strong password to secure it.
  • If you need to write passwords down to remember them, keep them offline in a secure place, such as a locked cabinet. Don’t post it in plain sight or where someone might find it.

Tip for parents: If you decide to ask your children to share their passwords with you, make sure that they understand that this is a special exception, just between you. They should never share their passwords with anyone else, including their friends.

Related infographic

Image of the infographic: Tips for choosing, using and protection passwords

See an infographic of these tips

See all infographics

Date modified: