
Password Security (June 2024)



We’re often told that the passwords for our online accounts should be very strong and should not be reused anywhere else. This is especially true for your email account password. If you’ve used the same password across different accounts, cyber criminals only need one password to access them all.

 

Always use a strong and separate password for your email, i.e. a password that you don’t use for any of your other accounts, either at home or at work.

 

If a criminal can access your email account, they could:

 

· Access private information about you (including your banking details)

· Post emails and messages pretending to be from you (and use this to trick other people)

· Reset all your other account passwords (and get access to all your other online accounts)

 

But how do you create strong, secure passwords and how do you remember them all?

 

Creating strong passwords

 

A strong password is like a sturdy lock on your virtual front door. It prevents unauthorized access and keeps your sensitive data safe. Unfortunately, many people still use weak passwords, for example:

 

Password - 123456 - qwerty - password1 - 11111111

 

All of the above passwords are extremely easy to guess and are amongst the first that hackers will try when attempting to get into your accounts. These passwords will usually take less than a second to be hacked.

 

A few guidelines on creating strong passwords:

 

Personal Information: Refrain from using details like your name, birthdate, or family members’ or pet’s names. Cybercriminals can find this information easily online.

 

Length Matters: Aim for a password that’s at least 8 characters long, preferably 12 or more. Longer passwords are harder to crack.

 

Mix It Up: Combine upper- and lower-case letters, numbers, and special symbols such as ‘#’ or ‘!’.

 

Three Random Words: Combine three unrelated words, e.g. “PurpleChairApple”. This approach creates a strong yet memorable password. Or think of a memorable phrase and transform it into a password, e.g. “going to the beach”.

 

Use numbers as letters: Use numbers in a word in place of letters, e.g. 1 for I or 0 for o.

 

Put it all together: If we use a combination of the above, the example “going to the beach” becomes “G01ngT0th3B3ach#73”.

 

Different Passwords for Different Accounts: Imagine having one key for all your doors at home. If someone gets hold of it, they can access everything. Similarly, using the same password across multiple accounts is very risky. Practise account isolation by creating a unique password for each account. If one account is compromised, the others remain secure.

 

Keeping your passwords secure:

If you are writing down your passwords, proceed with caution. Whilst historically writing down passwords was not advised, the sheer quantity that we now use in day-to-day life makes remembering them all extremely difficult. If you do decide to write your passwords down, then:

 

· Keep them secure. Store this information away from your computer in a locked drawer or a secret location. The top drawer of your computer desk is the first place a burglar will look. Another option, if you have a bookshelf full of books, is to write your passwords in the blank pages at the back of your favourite book. A burglar wouldn’t know which book to look in. But make sure that your family members know which book it is in case of an emergency.

 

· Don’t write down the actual passwords. Use hints only you’ll understand. For instance, “Favourite thing to do + 2nd pet’s birthday.”

 

· Use Two-Factor Authentication. Alongside strong passwords, one of the best steps you can take to protect your accounts from hacking is to use two-factor authentication, also known as 2FA. 2FA means that if someone tries to log in from a computer, tablet or phone that you haven’t approved, the service sends an SMS to your phone with a one-time code that must be typed in before the log-in is accepted. If it’s you logging in from a new computer, you’ll be able to type in the code and complete your log-in. A hacker won’t have access to your mobile phone and won’t be able to finish logging in, so they won’t be able to access your account.

 

Next month we’ll discuss using digital password managers to store your passwords safely.


