Making and Using Strong Passwords

Strong passwords are really important for protecting your devices, such as your smartphone or tablet, as well as protecting your online profile including your email account. You might have heard about strong passwords before but do you know how to make one?  Here are some trusted rules to follow so that you can feel confident that the passwords you make are strong ones:

  • It needs to be something you will remember
  • Try using three words together and add symbols and numbers and a mix of capital and small letters to help make it harder to crack
  • The minimum length can be 8 to 12 characters, but if you can make it longer that would be better
  • If you have to use the same password on a few accounts because it is too difficult to remember lots of passwords then at least make your password to your email account a different one


learner with Staff and computer

Sound easy? These rules can be really challenging, especially for anyone who finds reading and writing difficult.

Security and usability

Some people who have low levels of literacy may find it very difficult to create a strong password and then remember it.  This journal article about password creation strategies from people with both high and low literacy levels shows that although people with low literacy levels know that they need to have strong passwords, they are still more likely to compromise security over usability.

Here are some alternative ways of keeping safe online if creating and using a strong password is a challenge in day-to-day life:

  • Use fingerprint or face recognition instead of using a password.
  • Use a six digit pin instead of using words.
  • Use voice identification.
  • Set up two factor authentification on the main email account.
  • Set a very strong password to enter your main device and safely save your passwords for different websites and accounts within your browser so you don’t have to re-enter them every time.

Is it ever ok to write down a password?

Sometimes the only way for someone to actually use a strong password is if they write it down. It’s not ideal, but isn’t it better to write it down rather than risk using a simple one because it is easy to remember? Of course written passwords must always be hidden or locked away.

We have seen first-hand how stressful it can be when someone dies and their spouse doesn’t know how to access their online spaces. April’s story written by one of our Learning Coordinators shows how difficult this situation is:

“Bob passed away and his wife April who was visually impaired found that she didn’t have the details of the companies he had dealings with online. She also didn’t have access to his email because she didn’t know his password.  April found that she could no longer download her audio books, access their bank account online or even his Facebook profile to thank people who had posted condolence messages. April called Google for support, but she was refused access twice and only after two appeals, a lot of paperwork, photocopying and six months was she able to access Bob’s email account. As anyone who has read the terms and conditions of some of the biggest email providers can see, gaining access to a deceased person’s email is almost impossible and, at the very least, incredibly time consuming.

April was forced to quickly learn how to get online at a very stressful time. Like many people, she had taken a backseat whilst her partner took the helm of managing things online.  She reflected that it would have been much easier if her husband could have safely shared details of their online household bills and passwords perhaps in their will or with their executor. April is now up and running and uses voice activation software to create and use strong passwords.”

The internet has been around for 47 years this year but has only been in our homes for around 20 years. In our Perth Digital Project, we have seen first-hand how the stress of having to learn how to get online and gain access to a loved one’s accounts compounds feelings of distress, fear and loneliness.

Keep up to date with great advice by reading Scottish Government’s Cyber Resilience blogs.

We are one of many organisations holding events during Cyber Scotland Week: 17th to 23rd February 2020. Please do come along to learn and feel more confident. We are providing lunch and travel expenses to attend.

We are very grateful to the Scottish Government who are supporting us to hold a series of events, write articles as well as other types of conversation pieces about Cyber Resilience between January and March 2020. 


Scottish Government Logo