The Password Conundrum..
How To Create A Strong Password (And Remember It!)
Password best practice would have us use a separate complex password for every website and login, but that’s easier said than done. A study by Ponemon Institute revealed that over 50% of individuals in the UK reuse an average of five passwords across several websites and services. In this blog, we share our simple route to robust and unique passwords.
Passwords are the easiest approach for attackers as it’s human nature to use passwords that are easy to remember and therefore easy to compromise.
But we understand the struggle. Juggling so many passwords for a myriad of sites and accounts is difficult, so you settle on one that you know you can remember and use it where possible everywhere. We all do it! 51% of us even reuse passwords across our business and personal accounts.
The challenges with this are:
- We tend to pick names and dates we know.
- Many of these are dictionary words.
- We use them frequently in our social media (grandson’s name, dogs name, etc.).
- We rely on the fact that a website will not lose our credentials to a malicious actor, whereby the malicious actor can use them on a different site! It only takes one breach at the right company for millions of user names and passwords to become compromised.
Password best practice would be to have a separate complex password for every website and login, but we know that is not going to happen.
While nobody likes passwords, for now, they are not going anywhere. So here is our simple route to keeping you safer:
- Pick something you are going to remember.
- Make it eight characters long minimum.
- If it includes a name or dictionary word spell it incorrectly.
- Add some characters to the end of that password that you will always remember (like £$€ or +-*).
- And finally pick some part of the website URL and use those somewhere in your password (first two letters, or last two letters, or first and last).
For example: My dog is called Rodney (but I’m going to spell it wrong) and my grandson was born in April and I have decided I am going to pick the last two letters of website URL’s and always start my password with those…
- so my password to go on facebook.com becomes: okRodnieapr£$€
- and for bbc.com: bcRodnieapr£$€
Using this methodology your password is now different for every website you visit!
Share this Infographic with your users to help them achieve better password security
Obsolete software and exposed VPNs come with a host of security vulnerabilities. Understand the dangers and how to secure them in the age of remote work.
74% of breaches involve a privileged account, yet only 3/10 organisations have implemented a PAM solution. Are your privileged accounts at risk?
Domain impersonation is increasingly becoming a problem which targets businesses and their customers. Phishing attackers are now advancing their level of sophistication by utilising domain impersonation as part of BEC scams that can result in CEO fraud, malware infection, or ransom.