The perennial problem of password security made simple

1 March 2016 by Mark Williams

Having strong password security is like eating healthily; we all (hopefully) know we should be doing it but we never quite commit. We choose passwords that are easy to remember and quick to type. SplashData revealed its fifth annual ‘Worst Passwords List’ recently, showing that the most commonly used are still ‘123456’ and ‘password’.

Striking the balance between hard to guess but easy to remember is a challenge, so here are some dos and don’ts for creating strong password security.

DO use alphanumeric

Your password should contain a variety of characters including lowercase, uppercase, symbols and numbers. The better the mixture of these forms the harder it is to crack.

DO make it memorable

To help you remember your password try simplifying a phrase or using a sentence. For example, ‘I h@ve 2 sons: Tom & Jerry’ or the simplified version ‘Ih2s:T&J’ are both strong passwords and memorable.

DO use different passwords for different sites

Remembering one strong password can be tough so it’s tempting to share the same password for multiple sites. In the US, more than a third of consumers who share a password across accounts do so for their online banking, too. Absolutely do not do that: if a hacker hacks one account, they’ve hacked them all.

Limit potential damage by using a separate email for all social platforms and another email for the non-important sites that require a log in, so that if one account does get hacked the criminals can’t reset all your other passwords.

DON’T write it down

If you must keep a note of your password to remember it, disguise it in a phrase or change the letters in a way that you would recognise but no one else could. Keep the note close by, too, so you will notice if it goes missing.

DON’T create a folder of passwords

There’s no use going through the effort of creating strong passwords if you then put them in a folder on your computer. If a hacker gets through they will have full access to all other protected information. A safer option is to use password management software such as LastPass or Dashlane that stores and encrypts all of your passwords.

Refresh or regret

Cybercrime is a fast-growing threat in today’s online world but no one thinks it will happen to them. They’re wrong. Cyber criminals targeted more than 12 million Britons in the last year. That means one out of every five of us was a victim. And yet, the Norton Cybersecurity Insights Report found that 42 percent of Brits didn’t change their password after a security breach.

Clearly the message still hasn’t got through: password security matters.

Don’t be the one in five who regrets not having strong password security. Refresh them often, follow best practice and stay secure.

Follow this link to get your free IT security policy template.