BBB Says Simple Passwords Give Crooks a Master Key into Your Finances


World Password Day falls on May 4 this year as an annual reminder of the importance of strong passwords. Much of our financial, social and recreational lives now depends on online transactions — and that means passwords galore. Your Better Business Bureau (BBB) reminds that a few simple keystrokes are all that stand between your most personal information and the untold number of crooks who work to gain entrance into your many accounts.

Yet, millions of Americans seem oblivious to the danger. Using simple and repetitive passwords, they’re practically inviting thieves to hack their accounts and steal their money. Here’s BBB’s advice for securing your online accounts and keeping your finances safe with strong password management.

Strengthen those passwords!

These tips can make your passwords strong enough to rebuff many hackers:

  • Instead of “passwords,” think in terms of “passphrases.” Make them long, strong, and complex. They should be at least 12 characters long. Avoid cliches such as “AnAppleaDay.” Go instead for a phrase with personal meaning to you, such as, “PlanetSpringsteenIsForMe.” Make it less hackable by substituting characters: “Pl@netSpring$teenIs4Me!”
  • Don’t use pets’ names, relatives, maiden names, hometowns, birthdays, other significant dates, or anything that could be found out about you by an internet snoop.
  • Never use easily guessed number sequences like “0000000” or “1234567.”
  • Dictionary words are easy for hackers to figure out.
  • Don’t make only slight changes in passwords across different accounts, such as adding a number to the end of a previously used password.

Password managers

Keeping track of passwords is a problem for many. That’s where password management apps come in handy. These programs keep all your passwords stored in a “vault” that you can access with a single master password. BBB’s advice for selecting a password manager:

  • Ask friends which password manager they use and how they like it. Read up on the ones they suggest, searching for reviews of those apps.
  • Some password managers only support certain types of devices, so be sure to check out whether the one you’re considering works with yours.
  • If you need to be able to share your password manager with family or friends, be sure there is a secure way to do so with the one you’re considering.
  • Look for ones that use multi-factor authentication (MFA). These use more than just a username and password, usually a passcode sent to your phone. All reputable apps should use MFA.
  • Check out the features. Some will generate strong passwords for you, flag weak or duplicate passwords, and have autofill capabilities for online forms.
  • Check how they handle lockouts. What happens if you forget your master password? See how your password manager would help you in such a case.
  • Look for companies that have good customer service. If they only provide support through email, that could be a problem. You will need prompt phone or chat capabilities.
  • Use the free trial offer to check them out before you sign up. You need a service that works on all your devices, is easy to use, and is secure.

Passwords can be a hassle and it’s easy to just go for the quickest and easiest solution, often meaning you put off regularly changing them. Cybersecurity experts recommend you change them every three months and that you use a password management program. For answers to other questions you may have about your online passwords, check with BBB at (800) 856-2417 or visit our website at

ABOUT BBB: BBB is a nonprofit, business-supported organization that sets and upholds high standards for fair and honest business behavior. BBB services to consumers are free. BBB provides objective advice, BBB Business Profileson more than 5.3 million companies, 11,000 charity reviewsdispute resolution servicesalerts and educational information on topics affecting marketplace trust. Visit for more information.