How to make your passwords stronger


Whether you’re a global corporation or a smaller enterprise, we all have our part to play in protecting our cyberspace and improving cyber security. During Cyber Security Awareness Month, let’s not forget you, the individual, and how you can make a difference.

The days of “Password123” are behind us. It may seem simple, but one of your most effective tools against cybercrime is a secure password. We chatted with ECSC, cyber security experts, to put together some top tips for making your passwords stronger.

In the office, remote working or in everyday life, the guidance on secure passwords is the same – it’s all about composition, length and privacy. Most importantly, ECSC recommend using non-dictionary words.

Chris Newsham, an Account Executive at Eastwood’s, says “my jumble of letters is unique to me – in the past, I’ve used each first letter of my favourite song lyric”.

For instance, Don McLean’s classic lyric “Bye, bye Miss American Pie / Drove my Chevy to the levee but the levee was dry” would become bbmapdmcttlbtlwd. But it doesn’t stop there – ECSC recommend including upper and lowercase letters, special characters and numbers so that the password would be BbM@PdmCttlbtlwd!

Now ask yourself, is my password long enough? In layman’s terms, longer passwords are better because it takes more time for a hacker to crack them. You might think, when was “American Pie” released? Well, it was 1971 of course.

The password now becomes BbM@PdmCttlbtlwd!1971 – a pretty lengthy and complicated password if you ask us. Even though it may appear random, you’ve actually created a password that’s completely unique to you (thus making it easier to remember).

Now we come to privacy. Does your workplace have a clean desk policy? Similar to this, ECSC stress the importance of clean screens.

You wouldn’t leave sensitive data on your desk, so how is your screen any different? You’ve just created your super password – just as you wouldn’t jot it down on a sticky note, never leave your screen exposed to onlookers.

For the more ambitious among you, ECSC also recommend an additional method to authenticate that it’s really you. Although a traditional ‘virtual private network’ (VPN) type connection is the safest way to work remotely, it’s important to remember that a hacker will look to steal passwords that enable them to connect to your information and systems.

Therefore, ECSC recommend two-factor or multi-factor (2FA/MFA) remote access. In most situations, this means that when users try to log in, they will receive a code or request on their smartphone to verify their identity.

So, what have we learnt? In summary, always remember to compose passwords that include upper and lowercase letters, special characters and numbers, are long enough and, most importantly, are completely private to you. Let’s keep password savvy, folks!

Please do speak to your usual Eastwood contact if you have any questions at all about the matters raised.
