You are here

Cyber Aware Blog

< Back to all posts

Passwords – why three random words

9th October 2015 | Cyber Aware
Passwords – why three random words

Traditionally, the ultimate strong password is considered to be long and containing a multitude of symbols, numbers and capital letters. Although quite secure as a password, most of us have found them to be far from memorable. This lack of memorability means that people either choose weak passwords instead or they compromise them by writing them down. This behavioural reality was a key factor in the Government’s research into passwords and the subsequent recommendations made in a recently published paper called Password Guidance – simplifying your approach (opens new window). The advice to use or include three random words in your password is a culmination of pragmatism and algorithmic strength against common issues like brute force attacks – where hackers use software to churn passwords out until it discovers the correct one. It’s about choosing three random words that mean something to you and therefore can be remembered. It’s avoiding the most common sources of passwords like your children’s and partner’s name. It’s using different passwords for those key accounts like your email and banking. It’s not compromising your work and home systems by using the same password for both. Cyber Streetwise – just three simple steps Taking on this advice alongside the two other simple steps can go a long way to make your online experience much more secure. Cyber Streetwise asks people and businesses to: Step 1 - Devise passwords made of three random words to help protect you from cybercrime. A strong password is your first line of defence against hackers and cybercriminals. You can still use symbols and numbers if you need to, however, three random words is key. Step 2 - Install security software such as anti-virus. This helps protect your device from viruses and hackers. Step 3 – Download software updates as they contain vital security upgrades which help keep your device secure. Password policy and advice is constantly debated and will continue to be. However, as recognised by GCHQ, one of the most important elements in encouraging people to use strong passwords is whether they can remember it.