Better Business Bureau Shares Tips on How to Keep Your Online Accounts and Passwords Safe


Internet usage among older adults has increased over the last couple of years. 75% of older adults 65+ are now online. With an increase in our online presence, comes more opportunities for hackers to access our personal accounts. Last month, the Better Business Bureau (BBB) issued some tips on how to keep your online accounts and passwords safe.

BBB recommends the following password-creation tips to stay safe:

Think of your passwords as walls: A password or a passphrase should be considered a wall between free access to your personal information and the world. The stronger the wall, the more difficult it is for others to break down.

Avoid easy passwords: A weak password is one that is easy to guess. Commonly used passwords are your pet’s name, your mother’s maiden name, the town you grew up in, your birthday, your anniversary, etc, which can typically be found online. A strong password has at least 12 to 14 characters, mixed with uppercase and lowercase letters, numbers, and symbols.

Make them creative: Running low on creative ideas for different passwords? Try using song lyrics. It is basically impossible for hackers to guess what song you are using, it’s even harder for them to guess which lyrics you’re using.

Use a “passphrase”: Instead of using a single word, use a passphrase. Your phrase should be relatively long, around 20 characters, and include random words, numbers, and symbols. Think of something that you will be able to remember but others cannot come close to guessing, such as PurpleMilk#367JeepDog$.

Use multiple passwords: Using different passwords for different accounts is also important. While it may be easier to remember one password for every account, it’s much easier for hackers to break down one wall rather than multiple walls. This includes websites you shop online at, banking accounts, health insurance accounts, email accounts – you name it.

Use multi-factor authentication: When it’s available and supported by accounts, use two-factor authentication. This requires both your password and an additional piece of information upon logging in. The second piece is generally a code sent to your phone or a random number generated by an app or token. This will protect your account even if your password is compromised.

Consider a password manager: A written list works, but if you’re worried about losing it, type up an electronic list and label it as something other than “PASSWORDS.” Keep the list updated and organized as well as secretive. Avoid keeping the list on the device, as it will only make it easier for the thief to access the apps and personal data stored on it.

Select security questions only you know the answer to: Many security questions ask for answers to information available in public records or online, like your zip code, mother’s maiden name, and birthplace. That is information a motivated attacker can easily obtain. Don’t use questions with a limited number of responses that attackers can easily guess – like the color of your first car.

Wi-Fi is a security concern as well. Check your device settings before surfing the web.

  • Check the validity of available Wi-Fi hotspots: hackers will set up fake hotspots that have names of stores or institutions you might trust.
  • Make sure all websites you use have “HTTPS” at the beginning of the web address.
  • Install an app add-on that forces your web browsers to use encryption when connecting to websites.

If you received a notification from a company about a possible data breach, it is always best practice to change that password and any similar passwords immediately.

Go to for more information. In the United States, visit the FTC for more information on cybersecurity.

Subscribe to our FREE Newsletter