What Makes a Password Strong?

 

Person on their phone inputting their password

Passwords are the base level of protection for your accounts and devices from cyber attacks such as hacking, phishing, and identity theft, keeping your information safe. With a strong password, you can protect your accounts from unauthorised access and prevent sensitive data from falling into the wrong hands.

Without a strong password, anyone can gain access to your online accounts and personal information, including your banking and credit card details, photos and videos, private messages and more.

It is important to use strong, unique passwords for each of your accounts, and to change them regularly. 

What Makes a Password Strong?

A strong password is a unique one. If you use a password repeatedly, you run the risk of the password being leaked from one service, and subsequently all your accounts could be compromised. Using different passwords for each account you make means if one is leaked, you don't need to go and update them all!

Whilst creating your password, there are some guidelines that may help you be sure it is strong:

  • Use a mix of characters:
    A strong password should include a mix of upper and lower case letters, numbers, and special characters. For example, you can replace some letters with numbers or special characters, such as '@pple' instead of 'apple'.
  • Avoid personal information:
    Do not use personal information, such as your name, date of birth, pets name, or address in your password. Hackers can easily guess this information.
  • Make it lengthy:
    The longer the password, the harder it is to crack. Aim for a password that is at least 12 characters long.
  • Avoid common words:
    Avoid using common words or phrases that can be easily guessed, such as "password," "123456," or "qwerty."
  • Generate a strong password:
    Consider using a password manager to generate and store strong passwords for each of your accounts. This can make it easier to use strong, unique passwords without having to remember them all.

How Will I Remember all my Unique Passwords?

Having a unique password for all accounts is a good idea on the security side, but how do you remember them all? Writing passwords down is bad practice, especially if you note down what the log in is for and both username and password. Using common passwords such as “password”, or any variation of that will also likely cause your account to be compromised. 

It can be challenging to remember all your different passwords, especially if you are using strong, unique passwords for each account. Here are some tips to help you remember your passwords:

  • Use a password manager:
    In the WJPS office, we use a password manager to securely store all of your passwords in one place. With a password manager, you only need to remember one master password to access all of your other passwords. Some password managers also allow you to generate a strong password, which is useful if you're running out of password ideas! While prices of password manager vary, there are also some available free of charge.
  • Create memorable passwords:
    This one seems like we're stating the obvious, but try to create passwords that are memorable to you, but difficult for others to guess. You can use a combination of words, phrases, and numbers that have personal significance to you, or are relevant to the account the password is for.
  • Use password hints:
    Consider creating a password hint that only you would understand. This can help jog your memory if you forget your password. You can write these hints down in a book without worry of someone finding it and having a list of passwords.

Remember- Don't write passwords down to avoid writing your passwords down on paper or in a document on your computer. This can increase the risk of someone else finding them.

You should never use personal details to create passwords. If you use a family members name, a pet’s name, your date of birth, or any personal information, you run the risk of a targeted attacker guessing your password. 

NCSC Memorable Password Guide

There has also been guidance provided by the NCSC for creating a memorable password.

The basic rundown of how the NCSC suggest making a memorable password is to use three random words, so in their example they use red, house, and monkeys to create “3redhousemonkeys27!”. To make this unique for each site you could make a variation of your password for each website or service, or use a completely new 3 words. 

To increase account security even further, we would recommend setting up two factor authentication (2FA) on accounts that allow it. 2FA means that even if an intruder knows your password, they will need access to a device such as your phone in order to log into your account.

Published: 27/01/2024 Published by: Admin

Return to News Page.