Password security at Firi

Password security at Firi

Security measures when logging into Firi

In this article, we will talk about password security and explain the various security measures for logging in to Firi.

To register and log in to both our website and app, you need a digital id like Vipps in Norway or MitID in Denmark.

Log into Firi with Vipps

For our customers, registration is quick and easy with Vipps/MitID. This is a secure and super-simple login completed with just one click. The only thing you need to remember is your own phone number.

If you register with Vipps/MitID, you do not have to enter all the information we need to create your user, such as name, e-mail, telephone number and address. Your profile will tell us what we need to know.

Important: When you register with Vipps/MitID, you do not have a username and password with Firi and do not need to go through two-factor authentication.

Username, password and two-factor authentication

If you previously created an account using email and password, and not Vipps/MitID, you can log in with that. In this case, you will also need two-factor authentication for extra security.

What is two-factor authentication (2FA)?

Multifactor authentication, two-factor authentication (2FA), or two-step verification as it is also called, is an extra layer of security in addition to passwords. The most well-known two-factor authentication is BankID and MitID. Here you enter both username and password, but you must also use a password calculator or your mobile phone. In other words, it takes two factors to log in – something you remember (such as a password or code) and a device (such as a cell phone, computer, password calculator, etc.). Other types of 2Fa can include a fingerprint or face shape.

Two-factor authentication is an important security measure. It makes it harder for people to access your account even if they manage to guess your password. Creating passwords that are sufficiently unique, long and strong can be a challenge, so an extra layer of security is absolutely necessary for most people to avoid falling victims to cybercrime.


How to create a strong password

  • A password should have at least 12 characters. Firi requires 14 characters for additional security.
  • We recommend you use both lowercase and uppercase letters in the password.
  • Numbers and special symbols can also be used to strengthen the password.
  • Do not use personal information in the password.
  • Have different passwords on all user accounts.
  • Feel free to write down your passwords on a piece of paper that you keep in a safe place. You should never keep your passwords with your computer or mobile phone. Ideally, you should store your passwords in a password manager.

Password manager and strong passwords

It can be a challenge to both write down and remember all the different passwords you have on different websites. We therefore recommend everyone to use an encrypted password manager that stores all your passwords in a safe and secure way. Remember that if a website is hacked, and you use the same password on several websites, the hacker has your login information for all those websites.

Examples of password managers are LastPass, F-secure safe and 1Password, and there are many more out there.

Password managers are, simply put, apps with a main password that should be very strong and completely unique. This is the only password you need to remember. We recommend that you use password phrases instead of a single password. An example of such a sentence is:

Fruit salad with Ch0c0late!

This password has 25 characters, including uppercase and lowercase letters, numbers and special characters, but is quite easy to remember and difficult to crack.

How do they hack you?

How does hacking work? You might think hackers use clever methods to crack your password. That they are sitting in dark rooms and "hacking" your password. But the truth is that in most cases, YOU are the one being hacked – by the swindlers tricking you into giving them your password. The most common way this happens is by being tricked into clicking on links in emails. These emails will pretend to be from someone you know or from a company or organization you trust. You should therefore always be careful, and double-check the sender when you receive links by e-mail. We will return to this in the next section.

But there are also other methods that scammers use. For instance, they might get in touch with you directly and make you trust him or her. Be aware of suspicious phone calls or people who contat you directly on social media og dating apps.

Online fraud

Phishing, or electronic information fraud, is when a cyber-criminal tries to manipulate someone into acting in a particular way so that the scam-artist can gain access to sensitive information. This could be tricking someone into opening an email attachment, clicking on a link, paying fake bills, downloading files on websites, etc. Phishing attempts are most often made by e-mail, but social media has also been widely used to target people. The scammers can pretend to be someone you know and trust.

Advice from our security experts on how to avoid phishing attempts:

  • Check the email address, phone number or username of the sender. If fake, they may be similar to addresses, numbers or names you already know, but with some minor adjustments. For example, an email address may end in “.com” instead of “.no”, in which case it is a sign that the account is fake.
  • STOP-THINK-CLICK. When using your email and social media, you should check link-urls. You can do this by holding the cursor over the link.
  • Do not click on links, but copy the address manually or enter the address into the browser.
  • Never send personal information by email or share it with strangers who call.
  • Keep operating systems and programs, especially antivirus, up to date. This can prevent many programs from infecting your computer.
  • Furthermore, we would recommend that you take a look at this blog post, in which we provide information and tips on how to avoid investment fraud and online fraud.


If you follow our advice regarding passwords and security, and you are careful not to share passwords or other personal info, you will probably be well protected. We recommend you learn more about “social engineering” to understand how fraud works. Here is a YouTube video that explains the concept of social engineering.

Do you believe someone has tried to defraud you? Contact [email protected] immediately.

Get started

Cryptocurrency for dummies

Cryptocurrency for dummies: In this article, we answer common questions about cryptocurrency.

How to buy Bitcoin (BTC)

The following article provides information on how to buy Bitcoin (BTC) - Read more about Bitcoin here

What is crypto saving?

With our new service “Kryptosparing” (crypto-saving), you can easily set up a savings plan based on dollar cost averaging, perfect for long-term investment in cryptocurrency.