World Password Day: Our best tips for creating a strong password!

Today is World Password Day!

World Password Day is a celebration to promote better password habits. Passwords are critical gatekeepers to our digital identities, allowing us to access online shopping, banking, social media, private networks and life communications.

According to a 2017 report, 81% of hacking-related breaches involved stolen and/or weak passwords, further highlighting the need for better password habits. To celebrate World Password Day, Curious Frank is providing you with our top tips for creating better password habits.

Hackers use multiple methods to try and access your accounts. One method is using a ‘brute force attack’ – in this technique, a computer program runs through every possible combination of letters, numbers and symbols as fast as possible to try and crack your password. The longer and more complex your password is, the longer this process takes. Passwords that are three characters long take less than a second to crack.
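To put numbers on the brute-force description above, here is an added example (not part of the original post) that estimates how long an exhaustive search would take for a given password. The guess rate is an assumption, and the result is an upper bound for pure brute force only: it says nothing about attacks that try dictionary words or known leaked passwords first.

```python
import string

# Assumed attacker speed for offline guessing. Real rates depend heavily on
# how the service stores passwords and on the attacker's hardware.
GUESSES_PER_SECOND = 1_000_000_000

# Character classes a brute-force tool has to include in its alphabet.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")

def alphabet_size(password):
    """Size of the smallest alphabet (union of classes) that covers the password."""
    size = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    # Characters outside the four classes (e.g. accented letters) count individually.
    extra = {ch for ch in password if not any(ch in c for c in CLASSES)}
    return size + len(extra)

def keyspace(password):
    """Candidates tried by a search that works up from length 1 to this length."""
    a = alphabet_size(password)
    return sum(a ** n for n in range(1, len(password) + 1))

def worst_case_seconds(password, rate=GUESSES_PER_SECOND):
    """Time to exhaust the whole keyspace at the assumed guess rate."""
    return keyspace(password) / rate

def describe(seconds):
    """Render a duration in the largest sensible unit."""
    for unit, span in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= span:
            return f"{seconds / span:.3g} {unit}"
    return f"{seconds:.3g} seconds"

if __name__ == "__main__":
    # Constructed sample passwords, including the passphrase from this post.
    for pw in ("abc", "Zz9", "stickywaterbottlepigeononthegrass"):
        print(f"{pw!r}: alphabet {alphabet_size(pw)}, "
              f"worst case {describe(worst_case_seconds(pw))}")
```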

Are you finding it hard to think of a long password? Think of passwords as passphrases! Think of unique sentences that you will remember or even take some time to view your surroundings. For example, you can be sitting at your desk and see a water bottle, sticky notes and a pigeon outside on the grass – your new password could be stickywaterbottlepigeononthegrass! That takes us onto our next tip…

Long passwords are good, but long passwords that are random and nonsensical are even better. By using social engineering techniques, hackers are able to guess your passwords by analysing your social media accounts and habits if your password is easy enough. For example, if your password is your dog’s name with the year you were born, you can bet a hacker is going to get easy access to your account!

When creating a password, remember to avoid using obvious personal information such as:

  • Your date of birth
  • Special anniversaries
  • Your address
  • The city in which you live
  • Schools you attended
  • Relatives’ names

Additionally, if you are required to choose security questions and answers, ensure that you select ones that are not obvious to someone browsing your social media accounts. We all knew what school you went to and what your first pet was through viewing your Facebook profile!
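One way to check a candidate password against the kinds of personal details listed above, shown as an added example that is not part of the original post. The personal details are constructed sample values and the substitution table is an assumed, non-exhaustive set of look-alike characters; both sides are normalised the same way so a detail is still found when letters have been swapped for matching numbers or symbols.

```python
import re

# Assumed table of common look-alike substitutions, mapped back to letters.
LEET = str.maketrans("0134578@$", "oieastbas")

# Constructed sample details of the kind visible on a public profile.
DETAILS = {
    "date of birth": "1988-04-12",
    "pet": "Rex",
    "city": "Linlithgow",
    "school": "Hilltop Academy",
    "relative": "Moira",
}

def normalise(text):
    """Lower-case the text and undo look-alike substitutions."""
    return text.lower().translate(LEET)

def personal_tokens(details):
    """Map each word or digit group of 3+ characters to the detail it came from."""
    found = {}
    for label, value in details.items():
        for tok in re.findall(r"[^\W_]{3,}", value):
            found.setdefault(normalise(tok), label)
    return found

def personal_info_in(password, details):
    """Return the sorted labels of personal details that appear in the password."""
    squashed = normalise(password)
    tokens = personal_tokens(details)
    return sorted({label for tok, label in tokens.items() if tok in squashed})

if __name__ == "__main__":
    for candidate in ("R3x1988", "M0ir@!Linlithg0w",
                      "stickywaterbottlepigeononthegrass"):
        hits = personal_info_in(candidate, DETAILS)
        print(f"{candidate!r}: {hits if hits else 'no personal details found'}")
```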

Whilst a long password is essential, adding a mix of numbers, symbols, uppercase and lowercase letters will make your passwords even stronger. A simple way to do this is to replace common letters with numbers and symbols that match, such as a zero instead of the letter O, or an @ instead of the letter a. If your password has a range of words in it, capitalise each new word. Let’s develop our password from earlier – stickywaterbottlepigeononthegrass now becomes St1ckyW@t3rB0ttlePig30nOnTheGr@s5!

It might be hard to remember at first, but with practice and patience, you will be securing your online accounts from multiple dangers!

Have you seen the news lately? Data breaches are happening all the time! Hackers are continuously gaining access to large quantities of data which expose account holders’ usernames, passwords and more. For example, in 2014 Yahoo gained a new title for being targeted in the largest data breach in history, which saw over 3 billion users’ information being exposed online. As part of the breach, users’ names, email addresses, telephone numbers, encrypted or unencrypted security questions and answers, dates of birth and hashed passwords were exposed.

Why does this mean that you shouldn’t reuse your passwords? Well, if you used the same passwords for Yahoo!, Facebook, Twitter and your email account, hackers can easily access all of those accounts from the one data breach. Therefore, it is essential to create strong, long and unique passwords for every service you use!

Now that you are using unique passwords for every service you use, you may start to find it more difficult to keep track of them. This is where password managers come in. Password managers are services that auto-generate and store strong passwords on your behalf. These passwords are kept in an encrypted, centralised location which you can access with a master password (remember this one!). Many password managers are free to use and are essential when creating better password habits!

Unfortunately, strong passwords aren’t enough to totally keep yourself secure. Refreshing your passwords every 90 days is a good step to take in order to ensure more security. Adopting two-factor or multi-factor authentication is a further step you can take to ensure better security for your accounts. Two-factor (2FA) or multi-factor authentication (MFA) is an additional security layer for you or your business, helping to address the vulnerabilities of a standard password-only approach. Using 2FA or MFA allows you to verify your credentials using two different forms – usually involving a secondary email or mobile device.

We hope that this advice has encouraged you to adopt better password habits. Whilst this information may seem time-consuming to adopt, it is essential for your personal details to stay safe in today’s unpredictable online environment.

- Curious Frank

Are you curious about cyber security? We'll be frank about it! From security consultations, cyber security training, digital foot-printing, extensive security tests and more, Curious Frank offers the best range of services to help individuals and organisations be more cyber secure.


A division of the Scottish Business Resilience Centre

Oracle, Blackness Road

Springfield, Linlithgow

EH49 7LR


© Curious Frank 2019