Cyber Bytes: Why your password might not be protecting you

Welcome to Cyber Bytes, a regular newsletter which gives you easy-to-understand cyber security advice, and tells you what steps you can take to protect yourself online.

In this issue:

• Why are passwords so important?

• How do I make sure my passwords are protecting me?

• What can I do?

Why are passwords so important?

Passwords are the first line of defence for your personal data. They’re designed to allow you to access your account, and stop hackers from getting in.

The problem with passwords is that only good passwords help keep you safe.

Good passwords are passwords which are easy for you to remember, hard for someone else to guess, and longer in length. (We recommend at least 15 characters.)

Good passwords help keep you safe because hackers will find it hard to guess good passwords. And password-cracking software isn’t powerful enough to crack them.

A bad password is much less likely to keep you safe. Bad passwords include passwords that:

• Are too short (usually less than 15 characters)

• Are commonly used (for example, password123 or qwerty)

• Use personal information (eg, the name of a pet, or your favourite sports team)

How do I make sure my passwords are protecting me?

The UK’s National Cyber Security Centre (NCSC) recommends that you create good passwords using three random words.

There are several reasons they recommend this approach:

Good passwords are easier for you to remember. Three random words are easier for you to remember than a string of numbers and letters.

Good passwords are hard to guess. Three random words are hard for hackers to guess, and more difficult for password-cracking software to crack.

Good passwords are long passwords. Using three random words makes it easier to generate longer passwords. (We suggest 15 characters at least).

Here are some examples of passwords using three random words:

• SnailTurboYellow (16 characters)

• pauseaeroplanewarm (18 characters)

• snuggleautumnrocketship (22 characters)

We do not recommend making complicated passwords using special characters (like # . & or \) or strings of letters and numbers. Special characters can make your password more secure. But they also make it harder for you to remember.

You can get extra security by using upper and lower case letters and making longer passwords. Not sure what words to choose? There are online tools that can help you, including: wordcounter.net, and randomwordgenerator.com.

What can I do?

The most important thing you can do is change all your passwords so they are good, unique passwords.

If you want more support and advice, you can book a FREE cyber advice session with our team by completing this form.

You can also find out more using these resources below: