Tips for creating a strong password

It's important, whenever creating an online password, to think carefully about your choice, striking the balance between memorability and vulnerability. Too obvious, or simple a password could be easily guessed, too complicated and there's a good change you will forget it.

Passwords to avoid

We prevent the most commonly used passwords and your previously-used password from being created on our website. To this end, please avoid using any of the following as your password:

  • Your name or nickname
  • Your email address
  • The names of your family members (including maiden names), or pets
  • The name of a famous person, music group or sporting team that you are known to like
  • The same password that you use for your email account
  • Sequences of numbers, or repeated numbers, for example 123456, or 555555
  • A memorable date, especially the dates of birth of you and your family
  • The word 'Password', even with an extra digit at the end, for example Password7
  • Any other single word, as these are easy for a hacker to guess
  • Replacing letters in a common word with numbers, for example Pa55word

Creating a strong password

  • Ideally 8 characters in length, but the longer the better
  • Incorporate lower and uppercase letters, numbers and ideally at least one symbol such as £ $ % ^ & * @ ( ) + -
  • Try combining two or three unrelated words, BookMarmaladeSnowstorm is harder to guess than HamEggChips
  • Mismatch two or more books titles, for example Animal Farm and Fahrenheit 451 could give AnimalFahrenheit451
  • Take the first letters from a longer book title, for example The Hundred-Year-Old Man Who Climbed Out of the Window and Disappeared could give T100yomwcootwad.

Password security

Look after your password and it will look after you.

  • Please don't share you password with anyone else
  • If you suspect somebody else knows your password, change it immediately
  • Ideally, you should use a different password for every website you use
  • We will never ask you for your password, neither by email, nor by phone