Passwords and Password Managers – Coins.ph Help Center

We want to keep you up to date about recent security events, threats and other important information about security requirements and best practices.

This Security Digest contains a short article about Passwords and Password Managers. It will not take more than 10 minutes to read it.

Passwords

Your sign-on details are the digital keys to all your personal information and the best way to keep your money safe. You want to make sure to keep your passwords safe from third-parties so that you and your assets stay protected.

The two significant security risks are insecure password practices and shared accounts. This involves using the same password for personal and business apps, reusing passwords across multiple apps, sharing passwords with other people, and storing passwords insecurely.

A good password must be at least 10 characters and contain:

at least 1 lower case letter [a-z] and
at least 1 upper case letter [A-Z] and
at least 1 numeric character [0-9] and
at least 1 special character: ~`!@#$%^&*()-_+={}[]|\;:"<>,./?

Usually, it is difficult to create and remember a strong password based on the rules above. Therefore, we cover simple ideas to simplify your passwords, lock down your accounts, and protect your accounts.

Idea 1: Choose 4 random words

One of the most simple and reliable password choices is to just throw 3 or 4 random words together. As long as it's at least 12 characters in length and the words don’t have a natural flow to them (i.e. "WeAreTheChampions"), then this should make for a very strong password.

Some examples of good passwords to use - and how they can be remembered - include:

LionStrawberryMansionPines

Baguio is known for the Lion's head, strawberry fields, The Mansion and is also called the "City of Pines"

ColdVodkaBearsBalalaika

Eg remember: "What do I know about Russia?"

HotBeachSunTrip

Words associated with “summer”

Idea 2: Use entire phrases

If it is difficult to remember a random sequence of words, you can try to make phrases. Since the words in a phrase flow together it can be quite long, but phrases, as long as they're not an obvious or common one, can make extremely good passwords.

You don’t even need to use numbers or symbols either - the single best way to make a password strong is simply to make it longer, which a phrase naturally is.

Examples:

MyboysareinthelocalVolleyballteam!
PizzastastenicerwithTuna
longweekendsaremadeforsleeping
IliveinthecityofManila

Idea 3: Create a passphrase acronym

Instead of typing out a full phrase, you can turn it into an acronym.

For example, if you choose the phrase "Coins.ph was founded in 2014 in the Philippines", then by taking the first letter of each word ("C.phwfi2014ithP") you’ll end up with a password that's both strong and easy to remember. Here are some other ideas:

IoaVW,wa777p

From: I own a VolksWagen, with a 777 plate

P!Tdh2bd2r

From: Passwords! They don't have to be difficult to remember

One important point - make sure it's at least 10 characters long & not based on a common expression. While Shakespeare himself may approve of "Tb,on2b,titq", it’s one that hackers will try because of how popular the phrase is.

Idea 4: Misspellings

Intentionally misspelling words can also create secure passwords if you're careful about it. Try typing words as they sound, such as:

KryingTeers2Nite
DubbleTrubbleBubble
ILykeCheezBurgurs

You'll have to be very careful if using this method since the password lists that hackers use include common misspellings (such as 'acommodate'), so the more obscure you can make it, the better.

One common mistake to avoid is to use something basic and then substitute similar-looking letters (e.g. an "0" for an "o", or a "1" for "i"). The resulting password might look secure - and even meet common password rules - but in reality, they’re not secure at all.

These for example are not secure passwords:

N3tfl1x@ndch1ll
P@$$w0rd1
L3tM31n

Idea 5: Create a formula

If you’ve got a mathematical mind then basing a password on a formula or other logical statement could perhaps be an option.

It's not for everyone, but passwords of this form can be very strong as they're often fairly long and use mathematical symbols that are rarely seen in passwords.

Some examples of these include:

Dog+Parrot=6legs
Children+Xmas=Excitement
5Weeks>28Days
2020-2010=Ten
Two+2=4-Zero

Idea 6: Add punctuation

Adding punctuation makes a great way of strengthening passwords. You can take your current password and split it up into chunks of letters with a couple of dots or plus signs inside. Not all websites allow all characters but you can play around to find what they do allow.

Try these ideas:

Was: Jessica1990

Now: Jessica.19.90:)

Was: EdsaTraffic

Now: Edsa!Traffic:(

Password Managers

Unfortunately, it’s almost impossible to remember all of your different passwords. In addition, we know it’s time-consuming to constantly have to type in your passwords at different sites, generate new passwords, track the answers to all your security questions, and numerous other factors. However, there is a solution that will make your life both much simpler and far more secure - Password Managers.

These software tools take away much of the stress associated with creating and remembering passwords by:

Creating new passwords that are extremely strong & unique;
Saving & remembering the passwords for you;
Automatically logging you into websites.

Password managers work by storing all of your passwords in a database or vault. The password manager encrypts the vault’s contents and protects it with a master password that only you know. It’s critical that the master password you use to protect the password manager is long and unique.

We recommend you make your master password based on the password creation ideas that were written above. If your password manager supports two-step verification, use that for your master password as well.

Useful links:

Online Password Manager

Offline Password Manager

Compromised accounts monitoring services