Think of your password as a guard that stands between your personal information and potential online risks. Given the best protective armour, the chances of anything getting through are greatly minimized.

When you create passwords with combinations of letters and numbers that are unique for every one of your online accounts, you’ll make it more difficult to unlock your identity – keeping your information safe and secure. You should password-protect all your devices: computer, laptop, tablet, smartphone, etc.


Many people choose a password that’s easy to remember – like an address, pet’s name or special date – and use it over and over again. The thing is, attackers try these first because they’re pieces of information that are easy to obtain.

To protect your passwords online, follow these tips:

  • Make sure it’s a minimum length of eight characters.
  • Use a combination of upper and lower case letters and at least one number.
  • Include at least one character that isn’t a letter or number.
  • Be creative. Use the first letter of each word of a memorable sentence or phrase, then make it even tougher by changing some of the letters to numbers (e.g. use a “3” to replace an “e”).
  • Try a mix of your pet’s name, your favourite numbers, the street you grew up on or other combinations.


The easiest way to avoid identity theft? Don’t let it happen. Keep these tips in mind at all times to help keep you safe:

  • Before you share personal information, consider carefully what you’re putting out there through email and social networking sites. This could include information like your cell number, address, hometown, workplace, status updates that let people know you’re away and other revealing details.
  • If you’re asked for your personal information, find out how it will be used and why it’s needed.
  • Don’t provide any more information than is required.
  • Choose strong passwords. Don’t use simple words or favourite names (like your child’s name or your mother’s maiden name). Try a combination of upper and lower case letters, numbers and symbols. You’d be surprised how many people use easy-to-crack passwords like ‘12345′ or simply ‘password’.
  • Change your password often and commit it to memory. Don’t keep it in your wallet, saved on your computer or on your mobile device.
  • Never use automatic login features that save your username and password. Take the time to re-enter your password each time.
  • Be extra careful about giving out your social insurance number (SIN). It’s virtually a key to your identity and credit reports.
  • Don’t use your credit card number online unless you know the company you’re dealing with is reputable and the website is secure.
  • If you use webmail, make sure you are using a secure connection, a feature available from all of the major services.
  • Use “2-step verification” to log on to web services, if this feature is available. Services using 2-step verification first ask you for a password and then verify your identity through a separate channel such as by a text message on your phone.
  • Instead of setting up accounts with a name and password on multiple sites, use existing accounts whenever possible. You can log in to many services using your existing Facebook, Twitter, Google or OpenID account, so you don’t need to remember a new password or tell existing password to yet another site.
  • Do not reply to or click on links in any email that looks suspicious. Never open an attachment from spam or sender not known to you. Make sure that you are using anti-spyware software and that it is up-to-date.
  • Always be wary of emails from financial institutions, Internet service providers and other organizations asking you to provide personal information online. If in doubt, call the company directly and ask them to verify the email.
  • Only make online purchases from companies you trust.
  • Clear your cache after banking or shopping online to make sure personal information isn’t stored on your computer. Here are examples of how to do this:
    • In Firefox, go to Tools > Clear Recent History
    • In Internet Explorer, Go to Tools > Delete Browsing History
    • In Chrome, go to the wrench icon in the top right hand corner. Under the Bonnet > Clear Browsing Data
  • Never leave your laptop in the car or anywhere else where it could easily be stolen.
  • Make sure you have a firewall and that it’s set to “on”, install or upgrade virus protection software, and turn off file sharing to keep information on your computer safe. If you’re not sure how, you may want to ask a professional to do these things for you.
  • Keep in mind that Wi-Fi networks in public places like coffee shops, libraries or airports are not secure. Never send personal information through public Wi-Fi and disable the connection when you’re not using it.
  • Set up your home Wi-Fi network with an administrative password and other protective measures such as encryption. Avoid naming the network something identifiable to you – your phone number, address or family name.
  • Before you sell or dispose of your computer or mobile device, completely wipe its hard drive to remove files, personal photos and all the information you have stored on it with overwrite software. You can buy overwrite software or have a professional do this for you. Even better, have the hard drive or device destroyed.

Updated: 2021-04-12