How to create a strong password

These days you need dozens of usernames and passwords for everything from checking your bills to connecting to your home Wi-Fi. It can be tempting to make them easy to remember – but making your passwords as secure as possible is important, especially the ones you choose for online banking. 

Criminals are always looking for new ways to steal your personal data and money. Choosing a strong password and updating it regularly can help to protect yourself against financial fraud.

Make it memorable but not obvious

The best password you can choose won’t be an everyday word or phrase. It will be a combination of upper and lower case letters, numbers and symbols which look random – but the trick is to make sure it has a special meaning for you so you can easily remember it.

Choose something you love, but don’t make it easy for criminals to guess. If you create a straightforward password like “GameOfThrones”, hackers could work it out by looking at your social media feeds and realising that it’s your favourite TV show. But you could use “it7k@GoT” because it will be easy for you to remember the “Iron Throne of the Seven Kingdoms in Game of Thrones”.

And if you love pop music, “Oasis” would be a weak password. But “(wts)mg?95” would be a strong one because you’ll remember that the song (What’s The Story) Morning Glory? came out in 1995.

Helpful tips

  • Choose a unique password for online banking and don’t use it for anything else.
  • Change your new password once a month.
  • Log off from websites and devices when you’ve finished using them.
  • Use a combination of upper and lower case letters, numbers and symbols.

What to avoid

  • Don’t use anything that would be easy to work out such as the name of family members, pets, favourite football teams, birthdays etc.
  • Don’t use the word “password”, numerical sequences (for example “12345”), easily recognised keypad patterns (“14780”, “qwerty”, etc) or a single common dictionary word that could be cracked by hackers.
  • Never write down your passwords or share them with anyone.
  • Don’t use the same user ID and password for online banking and other services.

Remember: No HSBC employee will ever ask you for your password. If you receive a call or email from someone claiming to be an HSBC employee, government official or even a member of law enforcement and they ask you for your password, ignore the call and contact us immediately.

What next?

For more tips on password security and protecting yourself against fraud, download our scams leaflet (PDF).