Password security – Understanding the basics

20 May 2022 UK SIC

We all use passwords for many different things. They protect our computers, our phones, our money and even our games consoles. Although we may feel we are appropriately protected, a password is sometimes the only thing that protects our valuable data. It is therefore essential to ensure that passwords are strong and are doing everything they can to protect against hackers and cyber-criminals.

Depending on how good a password is, hackers can spend varying amounts of time trying to crack them. A weak password can be cracked in seconds whilst a strong password can take hundreds of years. In this article, we run down a few key points to remember when it comes to managing your passwords.

How to create strong passwords

  • The longer the password the better (try and get to 14 characters+)
  • Make sure they are random and have no association to you (no links to family, pets or hobbies)
  • Make sure you use different passwords for different accounts (if a password gets compromised, your other accounts will still be protected)
  • Make sure they are easy to remember but are hard to guess (four random words is a good strategy e.g. PencilSpatulaGorillaNeptune)

How to protect your passwords

  • Don’t write down any password, try and make them easy to remember
  • Never tell anyone your password (make sure you are the only one accessing your accounts)
  • Make sure your software and devices are kept up to date
  • Be vigilant towards other people trying to see your passwords e.g. over your shoulder, recording etc.)   

How to manage your passwords

  • Try and use a password manager. These will keep different passwords to hand for different accounts. They are especially useful if passwords are long and difficult to remember. Password managers are protected by a master password which must be remembered by the user. 
  • Incorporate other security measures for different accounts such as multi-factor authentication (receive an email or a text to confirm it is you trying to access the account) 
  • Try and regularly update your passwords
  • When generating passwords for others (e.g. in the workplace), use an online random generator which will create long and hard to remember passwords. Encourage users to change it once they are logged it.

If you want to know more about password security, you can download the free resource from SWGfL about Password Management. Included are additional tips and tricks to make sure you keep your accounts secure.