This article is about CoinJar in Australia. If you're looking for instructions for CoinJar in the United Kingdom, visit this article.
What is a password?
Passwords are our digital keys to access all sorts of products and services. A strong password can significantly reduce the risk of your online accounts being compromised.
There are a few ways in which you can create a strong password. Some of the strongest passwords are password sentences and passphrases. In addition to this, there is the Diceware Method, as well as password generators built into most password manager services.
It is important to remember the following when creating a password:
- Use both uppercase and lowercase characters
- Include symbols and numbers
- Use unique passwords for each service you have an account with
- Use long passwords - short passwords are not secure
- Never use identifiable details (Date of birth, street name, family name, pet’s name, etc)
- Never use the same password across multiple services
What happens if I use the same password on multiple services?
When the same password is used between a series of accounts and one of those accounts is compromised, it becomes very easy for your online identity to be taken over by a third party.
Using the same password between many accounts also:
- magnifies the impact of a data breach, where the same password used on multiple services can lead to multiple account breaches
- allows attackers to use automated tools to test and try these combinations on websites that were not involved in a data breach, further exposing your online accounts
- makes it difficult to track which account or service originally led to the compromise as the same password is used in multiple places
If you use the same password between your email address and CoinJar accounts, both accounts can be compromised very quickly.
How can I keep my passwords unique and secure?
A password manager (such as iCloud Keychain, Bitwarden or 1Password) can help you generate, store and retrieve complex passwords. There are locally installed password managers as well as online services that may require a monthly or yearly subscription. Password managers generally require a “master” password to unlock and access information within.
Our Knowledge Base also includes some helpful tips on creating strong and secure passwords.
What else can I do to protect my account?
You should always enable Enhanced Security (two factor authentication or '2FA') for any online account you operate. You can read more on our Knowledge Base:
Creating strong and secure passwords
Using a password manager or password generator
Remembering passwords can be difficult, particularly with the large number of services available. One of the easiest ways to build and remember passwords is to use a password manager (such as iCloud Keychain, Bitwarden or 1Password) or generate a password using a reputable online service.
As an example. BitWarden has a quick, easy and safe password generator with multiple options, including passphrases using memorable dictionary words, and passwords are generated client-side.
Checking the strength of your passwords
You can also check the strength of a password and see an estimate of how long it might take to be compromised via a brute force method, or how easy it is to guess.
As a general rule of thumb, you should never enter live passwords into services like this, and use it only as an example.
What is a Diceware password?
If you’re looking for a more advanced method for password generation, the Diceware method generates passwords by rolling a six-sided die five times, with the die acting as a hardware random number generator. These five die rolls generate a five digit number which then identifies a single word from a premade list of words.
The original Diceware word list contained 7776 words, however in 2016 the Electronic Frontier Foundation published three alternative English Diceware word lists – these word lists contain words with more characters than the original Diceware word list.
Passwords generated using the Diceware method generally look something like the following:
You can modify a Diceware-generated password for added strength using the same techniques we applied for password sentences:
How do I reset my CoinJar password?
If you no longer have access to your CoinJar's password, or if we have asked you to change it after signing in, you can visit the link below to request a password reset email.
If you don't receive these reset instructions in your inbox within a few minutes, please ensure they aren't being redirected to your email address's spam/junk folder.
Please note that CoinJar passwords are encrypted and cannot be recovered if lost. Resetting your password is the only way to regain access to your account, and is easily done if you still have access to your CoinJar's email address.