Choosing passwords – how do you do it?

News, Security,

With our personal and work lives requiring so many passwords, it’s difficult to keep coming up with new ones! The National Cyber Security Centre (NCSC) have been championing the three random words method as a strategy to help with this problem. 

Exactly as the title suggests, this method involves choosing three words at random and combining them to make a password, for example: paperhumbleconnect

Weak passwords can be easily cracked, but the longer and more unusual your password is, and the more random the words you combine, the more difficult it is for a cybercriminal to crack it.

In recent years the standard advice has been given around using long, complex passwords that contain random letters, numbers and symbols. However, generating, remembering, and entering this kind of password is impractical for most of us, particularly if you’re on a mobile device.

So, faced with yet another password to come up with, we may all be tempted to opt for a variation of a familiar word, name or date, or perhaps reuse a password we already use elsewhere. Common tactics include substituting numbers for letters.

The problem then is that these tactics are familiar to cyber criminals and the net effect isn’t really to make the password any stronger, just more difficult to remember.

So what’s the alternative?

The ideal approach would be to use a random password created by a password manager, as the strongest option, but the NCSC note that use of password managers remains very low. 

So we come back to the three random words method, which is considered to produce a long enough and strong enough password for most purposes, and is easy enough for most people to understand and use.

And in case you’re wondering, NCSC also say that writing your password down is fine, as long as you keep your written note somewhere safe.

You can see the full guidance here.

Business News

We send regular updates that keep clients aware of changes and suggestions on a wide range of subjects; if you’d like to receive those too, just add your details below and we’ll do the rest! We promise not to bombard you and you can unsubscribe at any time.

  • This field is for validation purposes and should be left unchanged.
If you've found this post helpful, please share it with others…