We all know security is important - but one of the most overlooked security risks is passwords.
We always take the time to ensure our software is up to date and check the security credentials of our suppliers. But it is equally important to ensure our passwords are strong.
Recently, a number of UK high street shops have had their online systems hacked. It's a good reminder that keeping your accounts secure is more important than ever as the number of online accounts we each have continues to grow.
Researchers from NordPass have reported that, on average, we have about 100 passwords to remember. According to their research, this number increased from 70 to 80 compared with a similar poll between 2019 and 2020.
So what makes a good password?
A good password should be an original one.
Whilst it's easy to use the same password for multiple sites and services - especially if you're managing the average 100 passwords - the obvious danger is that if one account is compromised, then they all are. So, it's critical to create an original password for each service you use.
Best practice for passwords
Password Length
Online tests now show it's the password length that really matters when it comes to security. The reason for this is that there are just more characters to try and crack, which takes hackers more time. It will take them more time to work through the combinations on a 15-character password than on a 5-character one. You can test your passwords online to see how easy they are to crack. Check if you're using any of the top 200 common passwords.
You can probably also just develop your existing passwords a little more to make them secure. For example, say your current password is manchester because that's where you live. Capitalise the M and turn your e's to 3's. Your password has now gone from instantly crackable to about 6 years for desktop cracking software. Now make it more secure by adding a character, like a dash or full stop and a memorable number, like a year. Maybe you moved to Manchester in 2005, so use that. Your new password Manch3st3r-2005 would take 157 billion years to crack. That's pretty secure!
You can also take it one step further and make your passwords unique per website. Add a dot and the name of the site you're on and you've now got an uncrackable unique password that you can remember!
Manch3st3r-2005.facebook
You can also use a site like http://correcthorsebatterystaple.net/ to get you started with words or phrases that you can remember and manipulate into a secure password.
Use a Password Manager
If you do have over 100 passwords, that's a lot to remember. Some sites, like your bank, most likely have restrictions in place on the length and characters you can use, which may not fit the system you've devised. This is where using a password manager can help. Password managers will remember your passwords for you and let you instantly create long, secure passwords. For those sites that force you to create a login for the one time you access them, this is really useful as it allows you to recall the password easily and ensures it remains secure. Have a look at the options out there and find the one that's best for you.
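The following added example, which is not from the original article or from any particular password manager, shows how a long random password can be generated to fit a site's length and character rules, and how length adds to the search space. The function names, the default length of 20 and the symbol set are assumptions made for illustration.

```python
import math
import secrets
import string

# Character classes a site's password rules may require.
# The symbol set is an assumption; adjust it to what the site accepts.
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": "-._!@#$%",
}


def generate_password(length=20, required=("lower", "upper", "digit", "symbol")):
    """Return a random password with at least one character from each required class."""
    if length < len(required):
        raise ValueError("length is too short for the required character classes")
    alphabet = "".join(CLASSES[name] for name in required)
    while True:
        # secrets draws from the operating system's CSPRNG, unlike random.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Redraw rather than patch characters in, so every valid password
        # stays equally likely.
        if all(any(ch in CLASSES[name] for ch in candidate) for name in required):
            return candidate


def search_space_bits(length, alphabet_size):
    """Bits of brute-force search space for a password chosen uniformly at random.

    This does not apply to human-chosen passwords, which attackers guess
    from word lists and common patterns rather than by exhaustive search.
    """
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    size = sum(len(chars) for chars in CLASSES.values())
    print(generate_password(20))
    # A site that only allows letters and digits, up to 12 characters.
    print(generate_password(12, required=("lower", "upper", "digit")))
    for n in (5, 15):
        print(f"{n} random characters: {search_space_bits(n, size):.1f} bits")
```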
Use MFA or 2FA
Multifactor or 2-factor authentication is quickly becoming standard. You've probably used this on your online banking, where you are required to authenticate your login with a second method, such as a code sent via text or an authenticator app.
The National Cyber Security Centre has lots of guidance on how to use 2FA and lots of general guidance on keeping your online accounts secure.