The stronger your passwords, the better protected your computer will be from a cyber-attack. Passwords aren’t everything, but they are your system’s first line of defence, so using strong passwords plays a vital part in reducing the risk of hackers gaining access.
It’s important to check your company’s cyber security policy on passwords. General advice for best password security includes the longer the better (at least 8 characters), don’t use the same password for multiple accounts, and make sure it uses no information or names that may be readily known to others.
Instead of a password, a passphrase can be used effectively. A passphrase could be a short sentence that only you would know, something you think of spontaneously, or a string of unconnected words. It’s advised not to use real quotes from songs or Shakespeare, for example, as these can be “guessed” by hackers.
Replace some letters with numbers or punctuation to improve security.
Passphrase Examples:
Iat3bakedbeansforTea! is something random which perhaps only you would know.
Look around the room for inspiration, think ‘what3words’: W@11chairPost-it
Instead of Bella123, 3e11aistheFamilyDog! would be more secure
Having said that, it’s best to use a unique random mix of capital and lowercase letters, numbers, and symbols, and you should use a password manager like Last Pass or Google Password Manager to store them all securely.
The benefit of using a password manager is that they can auto-generate you the random mix of characters, for example:
c7O@IK9P3ox9!HNv or sU0vR22k%5Jz%W#0ykF
The best thing about using a password manager is you don’t need to remember them as they’ll be safely stored for you in a vault. Change passwords frequently, when prompted by the system, or if you’re unsure if the account has been compromised. Remember to save the new one in your secure password manager, rather than in the computer or using another “remember password” feature.
Even with following the above advice, for your most important systems and stores, a username and password alone is not sufficient. Make sure you’ve got multi-factor authentication (MFA) or two-step verification switched on.
Finally, it hopefully goes without saying, but never share your password with anyone, especially not over the phone, email, text or other digital messaging mediums.