SeniorDaily Subscribe
Technology

Online Safety 101: How to Create Strong Passwords and Avoid Getting Hacked

Learn how to create strong passwords, spot scams, and keep your accounts safe with simple steps anyone can follow.

David Kim

Every week, millions of people have their online accounts broken into. Bank accounts get drained. Email accounts get taken over. Personal photos get stolen. It sounds scary, but the good news is this: most hacking is preventable.

Hackers do not target people one by one. They use computer programs to guess common passwords and trick people into giving up their information. If you know a few simple rules, you can protect yourself from the vast majority of attacks.

This guide will teach you how to create strong passwords, keep your accounts safe, and spot scams before they cause harm.

Why Passwords Matter So Much

Your password is like the lock on your front door. A weak password is like a flimsy lock that anyone can pick. A strong password is like a deadbolt.

Here is the problem: Most people use weak passwords. The most common passwords in the world are still “123456” and “password.” Hackers know this. Their programs try these first.

If your password is easy to guess, it does not matter how careful you are with everything else.

What Makes a Password Strong

A strong password has three qualities:

  1. It is long. At least 12 characters. Longer is better.
  2. It is unique. You use a different password for every account.
  3. It is hard to guess. It does not contain your name, birthday, pet’s name, or common words.

The Passphrase Method (Easiest Way to Make Strong Passwords)

Instead of trying to remember random letters and numbers, use a passphrase. Pick four or five random words and string them together.

Examples:

  • PurpleTruckRainyMorning
  • CoffeeBridgeSevenFoxes
  • GardenLampYellowHillside

These are long, hard to guess, and much easier to remember than something like xK9#mP2$. You can make them even stronger by adding a number or symbol somewhere: PurpleTruck47RainyMorning!

Passwords You Should Never Use

  • Your name, spouse’s name, children’s names, or pet’s names
  • Your birthday, anniversary, or address
  • “Password,” “123456,” or “qwerty”
  • The same password for more than one account
  • Any single word you would find in a dictionary

The One Rule That Prevents Most Hacking

Use a different password for every account.

This is the single most important thing you can do. Here is why: when a company gets hacked (and it happens often), the hackers get everyone’s email and password from that company. Then they try that same email and password on every other website. If you use the same password everywhere, one breach opens all your accounts.

If you use different passwords, a breach at one company affects only that one account.

Password Managers: Your New Best Friend

“But how can I remember a different password for every account?” You do not have to. A password manager remembers them all for you.

A password manager is an app that:

  • Stores all your passwords in one secure place
  • Creates strong passwords for you automatically
  • Fills in your password when you visit a website
  • Works on your phone, tablet, and computer

You only need to remember one password: the master password that opens your password manager.

  • Apple Passwords (free, built into iPhone and Mac): If you use Apple devices, this is already on your phone. Go to Settings, then Passwords. It saves and fills passwords automatically.
  • Google Password Manager (free, built into Chrome and Android): If you use Google Chrome or an Android phone, this works automatically. It saves passwords and warns you if any have been leaked.
  • 1Password (about $3/month): Works on all devices. Very easy to use. Great family plan that lets you share passwords safely with family members.

How to Start Using a Password Manager

  1. Pick one from the list above.
  2. Set a strong master password (use the passphrase method).
  3. Start saving passwords as you log in to websites. The manager will offer to save them.
  4. Over time, change your old weak passwords to new strong ones.

You do not need to change all your passwords in one day. Just update them one at a time as you log in to each account.

Two-Factor Authentication: The Extra Lock

Two-factor authentication (often called 2FA) adds a second step when you log in. Even if someone steals your password, they still cannot get into your account without the second step.

How it works:

  1. You type your password as usual.
  2. The website sends a code to your phone by text message.
  3. You type that code to finish logging in.

If a hacker has your password but not your phone, they cannot get in.

Where to turn it on:

  • Email (Gmail): Go to myaccount.google.com, click Security, click 2-Step Verification, and follow the steps.
  • Bank accounts: Log in to your bank’s website, go to Security Settings, and look for two-factor or two-step verification.
  • Facebook: Go to Settings, then Security and Login, then Two-Factor Authentication.
  • Apple ID: Go to Settings on your iPhone, tap your name at the top, tap Sign-In & Security, then turn on Two-Factor Authentication.

Turn on 2FA for at least these three things: your email, your bank, and any account that has your credit card.

How to Spot Scams and Phishing

Phishing is when a scammer sends you a fake email or text that looks real. They want you to click a link and enter your password on a fake website. Then they steal it.

Red Flags That Scream “Scam”

  • Urgency: “Your account will be closed in 24 hours!” Real companies do not pressure you like this.
  • Threats: “We will call the police” or “You owe the IRS money.” The IRS does not email or text you about money you owe.
  • Spelling mistakes: Real companies proofread their emails. Scammers often do not.
  • Strange sender address: The email says it is from your bank, but the address is something like bankofamerica.security.alert@gmail.com.
  • Requests for passwords or personal information: No real company will ask for your password by email. Ever.
  • Links that look slightly wrong: Hover over (do not click) a link. If it says “arnazon.com” instead of “amazon.com,” it is fake.

What to Do If You Get a Suspicious Email

  1. Do not click any links in the email.
  2. Do not reply to it.
  3. Do not call any phone number listed in the email.
  4. If you think it might be real, go to the company’s website by typing the address yourself in your browser. Log in there to check your account.
  5. Delete the email.

What to Do If You Already Clicked

If you clicked a link and entered your password on a suspicious site:

  1. Go to the real website right away and change your password.
  2. If it is your bank, call them immediately.
  3. Check your account for any activity you do not recognize.
  4. Turn on two-factor authentication if you have not already.

Phone Call Scams

Scammers also call by phone. Common tricks:

  • Pretending to be from the IRS or Social Security Administration
  • Claiming your computer has a virus and offering to “fix” it
  • Saying a grandchild is in trouble and needs money
  • Pretending to be your bank and asking you to “verify” your account

The rule is simple: Hang up. Then call the company or person back using a number you find yourself (not the number they gave you).

Quick Safety Checklist

Here are the most important steps, ranked by how much they protect you:

  1. Use a different password for every account. (Start with your email and bank.)
  2. Turn on two-factor authentication for email, banking, and any account with financial information.
  3. Use a password manager so you do not have to remember everything.
  4. Never click links in unexpected emails or texts. Go to websites directly instead.
  5. Keep your phone and computer updated. Updates fix security holes that hackers use.

You Are Not Too Old to Be Safe Online

Some people feel embarrassed about online safety. They worry they are easy targets because they did not grow up with computers. That is not true. Scammers target everyone, young and old.

The five steps in this guide will protect you from the vast majority of online threats. You do not need to understand how computers work. You just need to follow these simple habits.

Start today with one step. Change your email password to a strong passphrase. That single change makes you safer than most people online.

Reported by David Kim with additional research from the SeniorDaily editorial team. For corrections or updates, please contact us.

Topics in this story

Technology Online Safety

More you might enjoy

View all stories
Technology

The Best Free Apps for Staying Connected with Family Across the Country

Discover the best free apps for video calls, photo sharing, and group chats so you can stay close to family no matter the distance.
Technology

Smart Home Devices That Help Seniors Live Independently: A Beginner's Guide

Learn how smart home devices like voice assistants, smart lights, and video doorbells can help you live safely and independently at home.
Opinion

Why I Am Optimistic About Technology for Older Adults

A retired engineer makes the case that technology is getting better for seniors, not worse, and explains why the best is still ahead.

Back to all stories