Ian McCormack, National Cyber Security Centre
Where does the advice for three random words come from? Well based on research from the National Cyber Security Centre, long and complex passwords aren't always the best option.
It is really hard for us to remember lots of complex, unique passwords. Instead we come up with methods to cope that are well known to cyber criminals. For example using ‘Pa55word!’ may follow the rules of using symbols and numbers but it’s easy for hackers to guess.
Three well-chosen random words provide a good compromise between strength and memorability.
Cyber criminals use a variety of techniques to steal passwords, so as well as always using three random words to create a strong password, it’s important that you:
- Keep your password secret; never share it with anyone
- Never use any word which is related to you and may be easy to guess, for example by looking at your social media pages
- Have strong and separate passwords for your most important accounts – email, online banking and social media
With access to your email, hackers can take control of many of your online accounts, by asking for a password reset link to be sent to your email address and resetting the password to one of their choice.
Using strong and separate passwords for your most important accounts, means that if a hacker steal the password for one of your accounts, they don’t have access to all of your accounts.
- Always download the latest software and app updates as soon as they are available Hackers can use malware (malicious software) to install a key logger on your device which intercepts your passwords as you type them in. By making sure you keep your software and apps up to date, by always downloading the latest updates, you can help protect your device from malware