Wednesday 03rd May, 2023
Password is not a password!
Today is world password day! It falls on the first Thursday in May each year and is intended to raise awareness of good practice with passwords, to keep everyone safe when going online.
We all seem to gather up more passwords with every passing year and, with lots of often confusing information out there on how to manage them, it all makes online security even more challenging for the average person.
So here’s some tips from the UK’s National Cyber Security Centre (NCSC) on good password practices:
Take special care of your email password
Always use a separate strong password for your email; that is, one that you don’t use for any of your other accounts, either at home or at work. If you use the same password across different accounts, cyber criminals only need one password to access all your accounts.
If a criminal can access your email account, they could:
So, if you have re-used your email password across other accounts, change your email password as soon as possible.
Consider using a password manager to safely store your passwords
We know that passwords for important accounts like email, banking, shopping and social media should be really strong, and not to use the same password anywhere else. The trouble is, most of us have lots of online accounts, so creating (and remembering) different passwords for all of them is hard. This is where a password manager can help.
A password manager is an app on your phone, tablet or computer that stores your passwords, so you don’t need to remember them. Once you’ve logged into the password manager using a ‘master' password, it will generate and remember your passwords for all your online accounts. Many password managers can also enter your passwords into websites and apps automatically, so you don't even have to type them in every time you log in.
There are lots of different password managers, many of which you can use for free (with certain limitations). So it's worth searching for online reviews, and finding one that meets your needs.
Use shared computers safely
When you're logging into your online accounts, most web browsers (such as Chrome, Safari and Edge) will offer to save your passwords for you. It's safe for you to do this on your own device.
Note you should always make sure you are using the latest version of your browser (and operating system), and you should keep this up to date.
But, if you’re using a shared computer outside your home (for instance, at a college or library) you should never save your password in a browser.
If sharing a computer in your household, either with family or housemates, then you’ll have to think about who else could access the computer (and therefore your saved passwords), and decide if you’re ok with this. The safest way is to make sure that everyone:
Create passwords that are ‘strong’
Weak passwords can be cracked in seconds. The longer and more unusual your password is, the harder it is for a cyber criminal to crack.
Avoid the most common passwords that criminals can easily guess (like ‘password’). You should also avoid significant dates (like your birthday, or a loved one’s), or your favourite sports team, or family and pet names. Such details can often be found in your social media profile.
Swapping certain characters (the letter ‘o' with a zero, for example) is a trick well known by cyber criminals too. So your password won’t be significantly stronger, but it will be harder for you to remember.
A good way to make your password difficult to crack is by combining three random words to create a single password (for example applenemobiro).
Or use a password manager, which can create strong passwords for you (and remember them). It’s important to take steps to protect your password manager account, though, for if you forget the ‘master’ password, you’ll not be able to get back into your accounts.
The NCSC strongly recommends you turn on two-factor authentication for your password manager account. Alternatively, if you want to write your password down, you must keep if somewhere very safe and out of sight.