Domestic Violence Can Make Password Safety More Complicated

An abusive partner or ex-partner often knows much more about you than others, and this can put your personal information stored in accounts and devices at risk. The perpetrator may coerce you to share passwords or may even be able to guess them.

It is important to create a safety plan before changing your passwords if the perpetrator is likely to become more abusive if they cannot access your information in the same way. You can contact your local anti-violence organization to develop a safety plan.

What Makes a Password Less Safe?

The perpetrator’s intimate knowledge about you means that these common password habits are NOT safe for someone experiencing violence or abuse:

  • Using common passwords, like ABC123 or password
  • Using your own, children's, or pets’ names or birthdays in passwords
  • Using the same passwords for all accounts
  • Answering backup questions with answers that an abuser may know or be able to guess (e.g. your mother’s maiden name or your favourite colour).

Good Password Habits

Use Different Passwords for Different Accounts

That way, if someone discovers one of your passwords, they won’t have access to all your accounts.

Avoid Using Keychains

Resist using keychains via your browser (e.g. Safari or Google Chrome) to store your passwords. These are little messages that you may see at the top of your browser that ask if you would like the browser to store your password. But do consider using a password manager (see below).

Be Strategic with Your Secret Questions and Answers

Those secret questions aren’t really secret. Someone who knows you (or someone who can Google) may be able to guess where you went to high school or your favourite colour. There’s no rule that you have to be honest when answering those secret questions so make up an answer that you will remember but someone else can’t guess or make use of the option to create your own secret question if available.

Keep Someone from Cracking Your Password by Testing It

It’s not just someone who knows you who can guess your password. Computer programs can easily and quickly crack passwords. Words that come out of a dictionary are easier for these programs to decode. Create a mix of words and symbols or phrases, and make it long so it’s more difficult to crack.

You can:

  • Check to see if your email address has been breached at Have i been pwned?.
  • Test your password at How secure is my password? to see how easy it would be for a password-cracking software to guess. You’ll be surprised at what you learn! For example, “blahblah” would only take 5 seconds for a program to crack, but “blahblahblahblah” would take 35 THOUSAND years! (Now don’t go and use that one – figure one out for yourself!)

Finally, ensure any recovery email addresses and phone numbers are current and are your own before enabling 2-step verification or multi-factor authentication as an additional security step.

Keep It Simple

If you make your password too complex or difficult, chances are you’ll forget it and get locked out of your account. Your password should be a phrase or words with numbers mixed in that you can easily memorize. If you must write down your password, be cautious about where you keep it.

Sticking it underneath your keyboard or on your monitor isn’t the most secure place. You also don’t want to keep it somewhere where someone else could easily find it by going through your belongings. Or, instead of writing down the password itself, write down a hint so you can remember what it was.

Keep Accounts Separate

Sometimes services like Facebook or Google give you the option to sign into other accounts using the accounts you already have with them. This can be convenient, but if someone gets the password to your Facebook, for example, they may be able to access many other accounts easily.

Don’t Share Your Password

Before you share a password, make sure this person is someone you can trust, now and in the future. Most of our online accounts hold a significant amount of personal information about us, and you might not want it shared with others.

Change Your Password Often

If you think someone knows your password, changing it will keep them from further accessing your accounts. It’s also good practice to get in the habit of changing your passwords now and then.

Uncheck the Remember Me or Keep Me Logged In Feature

While these features make it super easy to access accounts, it also makes it easy for someone who’s using the same computer or device to access those accounts. Be especially careful to uncheck those features if you’re logging in to an account on someone else’s device or a public computer.

Always Remember to Log Off

Your account may remain open for days if you don’t log off, allowing others access. Some accounts, such as Facebook and Gmail, allow you to see other places where you’ve logged in and deactivate those log-ins.

Delete the Account or App

If you’re using an app on a smart device that doesn’t allow you to log off, you might want to consider deleting the app or account. This is an additional hassle, but you can weigh the sensitivity of the information in that account and the risk of someone else accessing that information.

Suggestions for Making Passwords Easier to Remember

Those experiencing violence often have way more on their minds than remembering a lot of passwords. Sometimes that can be related to things like trauma, sleep deprivation, stress, or depression. It is not your fault if you find yourself forgetting passwords. Try these suggestions for making passwords easier to remember:

Choose Four Things

Create a password with four different things that are not related. Try listing them in alphabetical order to help you remember their order (e.g. CoconutElephantMicroscopeNetball)

Write a Sentence

Write a sentence and misspell or use a non-English language for some of the words (e.g. MifavouriteactorisNicoleKiiidman).

Consider Using a Password Manager or Vault

These can not only store your passwords in one secure area, but they can also generate strong and unique passwords so that you don’t have to put the energy into doing that yourself. We recommend researching reputable tech sites to select a password manager that you feel is right for you. Many of these offer free subscriptions at a base level – all that is needed is one rock-solid password to “lock” the vault and all of your other passwords within it.

Technology-Facilitated Gender-Based Violence (TFGBV) is part of a continuum of violence that can be both online and in-person. If you or someone you know is experiencing TFGBV, you are not alone. You can use sheltersafe.ca to find a shelter/transition house near you to discuss options and create a safety planYou don’t need to stay in a shelter to access free, confidential services and support.

Adapted for Canada with permission from NNEDV’s Safety Net project, based on their resource Tips for a Secure Email Account.

Safety Check!

If you think someone is monitoring your devices, visit this website from a computer, tablet, or smartphone that isn’t being monitored.

EXIT NOW from this website and delete it from your browser history.

Exit Site