How to keep your online banking passwords safe

Phone showing unknown caller

This blog is general information only. It isn’t advice and isn’t an insight into the views of TSB or any of our Partners.

Some of us already know that banking online is very secure, due to the sophisticated security systems running in the background. But it’s only secure if personal login details and passwords are kept to yourself, preventing others from accessing your account. 

We look at how to keep your online banking details safe from fraudsters looking to steal your money. 

Never share your passwords with anyone. Not even your bank.

How to keep your login details and passwords safe.

The most important thing to remember is never share your username, passwords or memorable information with anyone. Not even with someone claiming to be from your bank.  

Logging into Internet Banking typically needs a user ID (username), password and “memorable information”. Even if you’re using mobile banking and want to login with your biometrics (such as Face ID or fingerprint), you’ll typically need to use traditional usernames and passwords first

When will you need a One Time Password (OTP)?

For extra security, you may be asked for a One Time Password (OTP) when you want to do things such as transfer money or reset passwords. 

One Time Passwords work by sending you a temporary password to a registered phone number, which you then enter to prove it's you. This is sometimes also known as “two-factor authentication” or “two-step verification”.

How might a criminal try to steal your login details and passwords?  

Beware of anyone asking for your login details and passwords. 

Criminals will cold call innocent customers and gain their trust by pretending to be from their bank – and sometimes even the police. Victims are persuaded to hand over their login details, passwords and – when prompted – their One Time Passwords. This allows criminals to access customers’ accounts and steal money, bypassing security systems because the transfers look genuine.

What to do if you receive an unexpected One Time Password.

If you’ve received a One Time Password out of the blue, call your bank immediately using a trusted number on their website or the back of your card. If someone has called you, hang up and call using a different phone to make sure the criminal isn’t still on the end of the line.  

What to do if you think you’re a victim of fraud.

If you think you’re a victim of fraud, contact your bank immediately. Your bank may be able to stop the money from leaving your account or – if it's already left – your bank may be able to contact the scammer's bank to freeze their account. 

You should also contact Action Fraud to report the scam and they’ll give you a police crime reference number.

Further information  


Everything we publish on Straightforward Money is provided as general information only. It isn’t advice and isn’t an insight into the views of TSB or any of our Partners.
Please think about getting independent financial advice if you want help with your personal situation.
We try really hard to make sure everything’s accurate when we publish it.  But the information can sometimes become out of date.  For example, we might link out to
sites that we like or think might be helpful, but that link may have been replaced by the other site.
Links to external content are provided for information purposes only; they’re not a TSB recommendation of any brand or service.

FAQ icon

Need to visit us?
Visit our FAQs

If you need help with something specific, let us know what it relates to or search a topic.

Go to help page