How to create a strong password

Only you should know your passwords. You’ll be at risk of online fraud if you:

• Tell anyone trustworthy – not even your family, technical support agents or computer engineers can know your passwords because their computer may be infected with malware or they may jot down your details. Plus, there’s no safe way to share your password. You never know who’s snooping on your texts, emails or conversations in public.

• Fall for scam emails and calls – criminals will try to trick you into giving away your details but you know you never can.

• Forget to log out – when using computers that aren’t yours (at libraries, internet cafes…) sign out of every website and let none of them save your password or details.

Starting with your most sensitive accounts – your email, banking and online storage – change your passwords every 6 months. If you get a suspicious email or a company’s data breach affects you, reset your password as soon as you can. Re-using an old password isn’t secure, so come up with one that you haven’t used online before.

You’ll be vulnerable to hacking unless you’ve a different password for every account. If one gets cracked, just the one account will be at risk, not everything you have.

Having unique passwords for all your accounts can be a lot to remember, so if you’d like you can store them all in a secure password manager app. Password managers will keep them locked up under a very strong master password – and that’s the only one you’ll need to remember. Your app will sign you in to all your accounts and suggest even more secure passwords to help you beef up their level of protection.

You may see that some companies will ask you to set up two-factor authentication (or multi factor authentication) after creating a password. This means that when you sign in you’ll need to enter your password and a second piece of information – usually a one-time code from a text or mobile app.

Try Google Authenticator, one of the most popular apps, or LastPass Authenticator, Microsoft Authenticator or another with good reviews on Google Play or Apple’s App Store. When you’ve downloaded and opened the app on your mobile, grab your tablet or laptop and connect your online accounts to the app. For example, on Facebook:

1. Tap Settings > Security and Login > Two-Factor Authentication > Get Started > Authenticator App.

2. Open the app on your mobile and tap Scan A Barcode (or similar).

3. Scan Facebook’s QR code using your phone – you’ll get a code.

4. Enter the code on Facebook.

From now on, Facebook will ask you to sign in using a code shown on the app – these 6-digit numbers change every 10 to 20 seconds on your screen. And your phone will generate them even when you’re offline – you won’t need mobile internet or WiFi.

Putting ourselves out there on social media has made it easier for hackers to guess our mothers’ maiden names or the names of our first pets, so common security questions such as these aren’t very secure anymore. When setting up your online accounts, choose a password recovery question that only you’ll know. Or set clever answers. They can be anything – you don’t have to answer the question truthfully, you just have to remember the answer.

When you’re using coffee shop or public WiFi and you’re on a VPN (a virtual private network), you can be confident that hackers can’t see the passwords you’re typing. Though VPNs can’t protect you from viruses and malware, ExpressVPN, Surfshark, NordVPN and others will add a layer of privacy and protect your identity for a fee.

Leaving your computer unprotected is an invitation to hackers – even your strongest passwords are at risk of being stolen by spyware, cracked by keyloggers that secretly record your typing, and more types of malicious software (malware). If you have Virgin Media broadband, simply switch on your Essential Security settings or use Advanced Security.

Downloading Kaspersky, McAfee, Norton’s or another antivirus will also block phishing scams and viruses, designed to trick you in to giving away your personal information or rob your sign in details. Find out more via our help article on how to stop spam

See our help guide for hacked Virgin Media Mail accounts if you were spooked by spam, had a ‘Compromised mail’ alert or something else.

Otherwise, if you’ve no viruses or malware on your device, secure your account:

1. Sign in to My Virgin Media

a. Go to Account settings, then Account details

b. Tap Edit next to Password under My Virgin Media sign in details

c. If we need you to verify your identity, you’ll be asked to do so using a one-time passcode before you continue – just follow the steps.

1. Create a strong, new password

2. Reset your security question and answer.

If you have Virgin Media Mail and use any third-party mailbox apps (like Outlook or Gmail) to access those emails, you need to update the password you use to sign in to those, too.

1. Sign in to My Virgin Media

a. Go to Account settings, then Account details

b. Tap Manage next to Manage your Virgin Media Mail app password under Virgin Media Mail

c. Before you continue, we might ask you to verify your identity – just follow the steps

d. Then, under Virgin Media Mail app password tap Get password

1. Continue the flow and a new secure password will be generated for you

2. Update any third-party apps that you use to access your Virgin Media Mail emails with this new app password

Please note that as this password is separate from your sign in details for My Virgin Media (or any Virgin Media apps) this won’t affect your My Virgin Media password. So, if you check your Virgin Media Mail emails through My Virgin Media or at mail.virginmedia.com, you'll still only need your My Virgin Media password.

Find out more about online safety , including our guide on Keeping your online account secure

• Set up a password manager – to remember your passwords for you.

• Create memorable passwords – e.g. based on your favourite song lyrics or rhymes.

Letting web browsers save your passwords is not the safest option – passwords are easier to forget when you’re not typing them in but worse, if your computer’s stolen, borrowed or hacked, your accounts are going to be at risk. Anyone could use your sign in details, stored on Google Chrome or Safari. Jotting them down is also too risky, as anyone could look at your notes.