Just about everything you do online requires a password. Passwords make sense in that you don’t want someone to access, say, your bank account. But what is the best way to create a strong password?
It can be hard to remember all the passwords for all the accounts and apps that we use. It is sometimes tempting to re-use them across multiple accounts. This does come with the downside. Once one of your passwords is compromised, then they all are compromised.
How to Create A Strong Password
The UK’s National Cyber Security Centre (NCSC) recommends when choosing a password, it is best to use three random words. NCSC’s three-word password strategy is designed to create a random enough password that is difficult to guess.
Three reasons why the NCSC recommends this approach is:
- Length: three words are normally longer than a single word would be.
- Novelty: as it is less likely that the 3 random words you come up with are the same and in the same order as someone else’s.
- Usability: It’s easier for the user to come up with three random words and remember them, than random letters and numbers.
People Have Trouble Remembering Character Strings
In addition, the NCSC notes that people tend to struggle to remember strings of characters. So, we resort to using predictable patterns to meet password requirements. Some patterns include replacing “o” with “0” or “s” with “5”. The NCSC also argues that these passwords are ineffective as they can be easily guessed by criminals using specialized software.
Adopt a Password Manager System
Another strategy for stronger passwords is to use a password manager. A password manager stores all your passwords for you, so all you need to remember is one strong password. Plus, the password manager can help you create a long, complex password of random letters and numbers. And the best part is that you don’t have to remember it — your manager will for you.
The NCSC also recommends the use of password managers but notes that password manager adoption remains “very low”. Its three random words suggestion is aimed at users who aren’t aware of password managers or those who don’t want to use one.
Using a password manager or NCSC’s strategy is more secure than choosing one that’s easy to guess like “Pa55w0rd”. To add another security layer to your logins, use multifactor authentication.
QuickProtect Can Help
If you need help setting up cybersecurity policies, including password policies, contact QuickProtect today. Our goal is to keep you, your team, and your organization secure.