Password Safety 101: Strengthen Your First Line of Defense Against Hackers 

The average American has 240 online accounts that require passwords. Most of us go against expert advice and reuse non-complex passwords for many accounts. And although 89% of people say they know this is risky and unsafe behavior, only 12% are using different passwords for every account.

These trends are alarming – Americans lost $10.3 billion to digital crime last year, and Canadians reported $530 million in losses in the same year, according to the Canadian Anti-Fraud Centre.

Cybercriminals can guess our passwords by scouring the internet, steal them from leaked data, scamming us into sharing them willingly or buying them on the dark web. When they do, they use them to steal money or benefits, break into our accounts, impersonate people and target our friends and family. 

Here are three steps you can take to strengthen your first line of defense against hackers trying to steal money and identities:

Step One: Create strong, unique passwords or passphrases for your accounts.

Nearly 23 million breached accounts were found to use the password “123456,” but using easily guessable passwords like this put you at risk of hackers breaking into your accounts. Instead of going easy with “123456” or “pa$$word,” use a mix of symbols, characters, upper case letters, lower case letters and numbers that make your passwords impossible to guess.

Avoid using obvious passwords that contain your date of birth, hometown, address, pet’s names or anything else that could be found online about you. 

Combine random words, create a phrase, use song lyrics, quotes or words in different languages to form a passphrase.

For example: 

  • Start with a common phrase, like “the grass is always greener.” 
  • Change some letters to uppercase. Now, change the phrase to “tHE graSS IS alwaYS GreenER.” Don’t only capitalize the first letter of each word, as that’s too obvious. 
  • Replace some of the letters with similar-looking numbers and add on a few extra characters. For example, this phrase could be changed to “tHE%gr4SS%15%alwaYS%Gr33nER.”

According to cybersecurity researchers, a 10-character password with a mix of uppercase and lowercase letters, numbers and symbols can take five months to crack, while a 12-character combination could take up to 34 years. And with artificial intelligence, some criminals are automating the password-guessing process.

Step Two: Securely store and remember your passwords with a password manager.

53% of people rely solely on memory to manage their passwords. This method is far from foolproof – and can mean forgetting your passwords and getting locked out of accounts. 

Using password managers like Aura, Bitwarden, 1password, LastPass or NordPass is by far the best way to create complex passwords that you won’t forget. These applications store your account credentials in a secure digital vault so that you can access them whenever you need to. Every time you login to your account, a password manager automatically inputs your username and password. That way, you only have to remember one master password for the password manager vault. Just make sure that master password is complex, hard-to-guess, hasn’t been leaked and isn’t being used on for any other logins. 

As an added bonus, Aura’s password manager can warn you if your password has been leaked, is too weak or if you’re trying to enter it on a fake website

Step Three: Monitor your accounts and react quickly to data breaches or unauthorized login attempts.

Even the strongest passwords can be leaked if the company that hosts your account suffers from a data breach. This can include login credentials, credit card details and Social Security numbers (SSNs). With hackers targeting companies from Facebook to Marriott to Equifax, there’s a good chance that at least one of your accounts has been compromised.

To protect yourself after a data breach, look out for notifications of data breaches in your email and your Aura app and change any logins impacted. Monitor those accounts closely for any unauthorized login attempts and make sure that you have multi-factor authentication set up as an extra line of defense. 

Check if your data has been exposed in a data breach using Aura’s free tool: 

Sign up for identity theft protection for peace of mind that your online safety is taken care of. 

Passwords are just one part of good cyber hygiene, and securing every aspect of your digital life can be overwhelming. But dealing with fraud and identity theft is stressful and can take years to be resolved. 

That’s where Aura comes in. Aura’s all-in-one-place, easy to use app removes the burden off you by providing you with proactive credit, financial account and dark web monitoring, anti-virus software, a password manager and 24/7 support in resolving any fraud or identity theft quickly and effectively.  Access your exclusive Aura offer – a two week free trial and a 25% discount – at

Aura also offers a family, so if you’re working with your adult children on estate or financial planning, they can join your Aura account and help remove the burden of protecting your digital identity. 

Subscribe to Our Newsletter