How secure are your P@ssw0rds?

Passwords.

We’ve all got them, and with the amount we need to remember, we’re almost always forgetting them. Passwords play a huge part in our daily lives, and are used for virtually everything we do online. Your computer, tablets and smartphones all use them to protect personal information about yourself and your customers.

According to a report conducted by LastPass – one of the largest password managers – the average employee now has to keep track of 191 passwords. Not only that, but a staggering 81% of data breaches are due to passwords landing in the wrong hands.

So, what exactly makes a good password and how can we make them secure?

The National Cyber Security Centre (NCSC) is the UKs dedicated agency for cybercrime prevention, and they are the ones who introduced the government backed cyber essentials certification that protects organisations from 80% of cyber-attacks.

So, what do the NCSC say about choosing a secure password?

1. Use a password that is a minimum of 8 characters long.
2. Avoid using obvious passwords, such as pet’s names or favourable locations.
3. Avoid common passwords such as qwerty, 12345 or password.
4. Do not use the same password for multiple accounts.
5. Do not use default passwords or predictable passwords.
6. Do not save your password in plain text on your device or write it down on paper where it can be easily accessed.
7. Where possible, enable biometrics on your device.
8. Consider using a secure password manager for if your organisation uses multiple passwords.

Interestingly you’ll notice that the guidance on complex passwords or password expiry is no longer advised, instead their new guidance is that you should change your password when you suspect suspicious activity on your account. They also suggest that a 3 random unrelated word password is just as strong as a complex password.

How can three random words be better than my complex password?

Cyber criminals around the globe have become accustomed to us now creating “complex passwords” which consists of us using numbers that appear similar to the letters to we are trying to remember.  Passwords like Pa$$w0rd, Ra1nb0w! and Sn0wfl4ke are no longer a challenge.

Three well-chosen random words allows us to easily remember our password and when combined they can create something quite complex such as CoffeeTrainCactus or BrilliantTinFish.

Ultimately, it’s your choice what you choose for a password. Whether it be a complex, 3 word password or one generated by a password manager, hopefully this will help you make your password choices a little more informed.

If you’d like any more information on the services we are able to offer, and how these may help you, please get in touch.