Guidance

The first Thursday of May is World Password Day, established to help raise awareness of the importance of strong passwords.

Passwords, we all use them. From unlocking our devices, logging in to our emails or checking our bank accounts, every account requires us to enter a password before entry. But, are the passwords that you choose for your accounts secure?

Passwords are an important step to help keep our accounts secure online, and often one that many people under value.

Many people are choosing passwords that can be easily guessed by hackers. In fact, according to recent reports, the most common used password of last year was ‘123456’. Other examples of easy to guess passwords are those that include information related to that individual such as birth dates, favourite sports team, family and pet names. We tend to choose these types of passwords so it’s easy for us to remember, however this could be putting our accounts at risk.

The National Cyber Security Centre advise that we should choose passwords that are ‘long enough and strong enough’. Passwords that have 6 or fewer letters, can be cracked in seconds, so the longer and more unusual your password is, the better. NCSC suggest that we create passwords using ‘three random words (3RW)’. Three random words can be remembered much more easily than complex characters and symbols, but importantly this can increase the length of your password making these harder for criminals to crack.

Below are some methods that will help you choose strong and separate passwords to protect your accounts.

  • Create a stronger and longer password, that is easy to remember by combing ‘three random words’. E.g. ‘Paint!SquidPorridge3’. You can include numbers and symbols if needed. Using three random words allows you to set passwords that are unique, strong and easy to remember. You can read this blog from the NCSC about why the ‘three random words’ technique works.
  • Use a different password for all your online accounts, and in particular your email account. If you’ve used the same password across your accounts, cyber criminals only need one password to access all your accounts.
  • NCSC encourages people to use password managers, which can help create strong passwords for you (and remember them).
  • Turning on 2-step verification on your accounts, will help provide an extra layer of security that verifies it’s really you logging in, by asking you to provide an additional piece of information. This could be a code texted to your phone, finger print or face scan, or an authenticator app. This will help prevent a criminal accessing your account even if they know your password.
  • Delete accounts that you no longer require. Check if your password has been compromised in any data breaches. https://haveibeenpwned.com/Passwords If your password has been breached, change your password immediately.
Back to top of the page