Blog by Chelsea Jarvie, Director of CJ Cyber Ltd.
Passwords are here, there and everywhere, but they are hard to keep track of and remember. The guidance states that passwords need to be long and complex, and you should never reuse the same password twice. With the average user having around 200 different online accounts, it’s difficult to have different passwords and remember them all! Chelsea Jarvie runs us through a few tips for making strong passwords you can remember and highlights the benefits of a password manager…
Having a strong, complex and unique password for each account makes it far more difficult for hackers to get access to your personal or sensitive online information. A hacker attack occurs every 39 seconds, so the likelihood of one of your online accounts being compromised is unfortunately high.
Instead of a password, the National Cyber Security Centre advises us to use a passphrase with three random words. In order to make it unique and memorable for each site, choose three words that you think of when using the site, for example; your LinkedIn passphrase could be “FindaN3wJob!” or your Twitter account could be “LittleBr0wnSparr0w:)”
Once a hacker knows your email address and password for one account, they can try to see if the same combination works on different sites. Therefore, it is important to have a different password for each account to make it harder for hackers to access your personal information.
To keep track of all your newly created passphrases, you can use a password manager. Password managers store all your usernames and passwords securely for you. You may already be using one as they come built into many browsers, however, you can download and use a standalone one.
Since your password manager will hold the keys to all your accounts, it’s important to make sure it is secure. Choose a very strong password for your password manager using the guidance above. It is also important to set up two factor authentication for your password manager, this is where you use a secondary method on top of your password to gain access. This is usually in the form of a text message, or your fingerprint and you’ll have probably come across this if you bank online.
Finally, there is a website you can check called haveibeenpwned.com which allows you to check if your email address has been compromised in a data breach. If you currently have an email address you use for many online accounts and you use the same password, this tool will allow you to see if any of your accounts are at risk.