TIAA is proud to support World Password Day on 2nd May 2024

World Password Day creates awareness about the importance of strong passwords. A compromised password can put our personal and financial information at risk.

The National Cyber Security Centre (NCSC) provides guidance for creating strong passwords, how to look after your passwords and further protecting your accounts.

How are passwords stolen?
  • Fraudsters may guess them using your social media profiles or use the most common passwords
  • Fraudsters may trick you into revealing a password using a phishing email that links to a dodgy website
  • An organisation that holds your data is subject to a data breach
Creating strong passwords
  • Avoid using predictable passwords that fraudsters can guess, such as the name of your pet
  • Avoid using the same password across important accounts – if one password is stolen the other account is compromised
  • To create a memorable password that is hard for someone else to guess and is long enough and strong enough, combine three completely random words such as umbrellaorangedonkey
Looking after your passwords

Most web browsers will offer to store your online passwords, which is safe to do on your own devices, but not on shared computers.

Use a standalone password manager to help you to create and store strong passwords. You will only need to remember the master password for the password manager.

Use 2SV (2-step verification) to protect your account

It’s called 2SV as it involves signing into an account using two methods – one password that you already know and usually a PIN code sent to your phone by SMS or an email, that you need to enter before proceeding.

Instead of a PIN code you may be able to enter a fingerprint or face scan – your service provider will advise what they support.

This is also known as 2FA (2-factor authentication) or MFA – multi factor authentication.

Also remember to:
  • Install the latest software and app updates on your devices
  • Backup anything of value in the cloud or on removable media such as a USB stick
  • For full NCSC guidance on using passwords to protect your devices and data, visit: Top tips for staying secure online – NCSC.GOV.UK