Password policy advice on generating a secure, easy to remember password

You're probably aware that there’s a lot of guidance out there on what makes a good password — and it can be incredibly confusing. Hopefully this article will help.

 

Before generating a new password, it's important that you take into account the following:

 

  • The password you make should be completely unique and not in use on any other account you have, whether personal or work related
  • If you are going to store your passwords, use a secure password manager like LastPass. This will allow you to generate completely random passwords (the most secure) whilst ensuring you only ever need to remember one secure password
  • The password should not be easy to guess for people who know you, or from information that can be pulled from a social media profile. For example: your name, family/children's names, pet names, city/town of birth, city/town you live in, your birthdays, favourite movie, favourite sports team, your company name, address etc
  • The password that you choose should not be a common password. These include single dictionary words (flower / dragon / sunshine), strings of letters or numbers (1234 / 12345678 / abc123), variations of the word password (passw0rd / password / password1) etc. For more examples of bad passwords see this article here

 

For the best level of security, whilst balancing the ease of remembering a password, we recommend you structure your passwords in the following way.

 

  1. Pick three random words that are easy to remember but cannot be tied to you (for example, do not use children's or pets' names, or the town you live in etc).

    For example: bulb label chicken

  2. Add a special character (any symbol like !"£$%^&*({}:@~?><) somewhere in the password. Alternatively, make one of the words uppercase.

    For example: bulblabelchicken! or bulbLABELchicken

  3. Add a number somewhere in the password.

    For example: 2bulblabelchicken! or 2bulbLABELchicken

 

This password should then meet the complexity requirements on your network.
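
The three steps above can also be scripted. The following Python sketch is an added example, not part of the original article: it builds a password the same way using a cryptographically secure random source, and checks any password against the rules listed earlier. The word list, the symbol set and the personal terms "Rex" and "Leeds" are constructed sample values.

```python
import secrets

# Constructed sample word list; a real list should be much larger (thousands
# of words) so that three random words are hard to guess.
WORDS = ["bulb", "label", "chicken", "harbor", "velvet", "cactus",
         "marble", "pickle", "lantern", "tunnel", "spoon", "glacier"]
SYMBOLS = "!$%^&*?@~"
# The common passwords named in the article (a real deny list is far longer).
COMMON = {"flower", "dragon", "sunshine", "1234", "12345678", "abc123",
          "passw0rd", "password", "password1"}


def generate(personal_terms=(), words=WORDS):
    """Three random words, one symbol or one uppercase word, one number."""
    banned = {t.lower() for t in personal_terms} | COMMON
    pool = [w for w in words if w.lower() not in banned]
    if len(pool) < 3:
        raise ValueError("word list too small after removing banned words")
    parts = secrets.SystemRandom().sample(pool, 3)   # step 1: three words
    if secrets.randbelow(2):                         # step 2: add a symbol...
        parts.insert(secrets.randbelow(4), secrets.choice(SYMBOLS))
    else:                                            # ...or uppercase one word
        i = secrets.randbelow(3)
        parts[i] = parts[i].upper()
    # step 3: add a number at a random position
    parts.insert(secrets.randbelow(len(parts) + 1), str(secrets.randbelow(10)))
    return "".join(parts)


def check(password, personal_terms=()):
    """Return the list of rules from the article that the password breaks."""
    low = password.lower()
    problems = []
    if low in COMMON:
        problems.append("common password")
    hits = [t for t in personal_terms if t and t.lower() in low]
    if hits:
        problems.append("contains personal information: " + ", ".join(hits))
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c.isupper() or not c.isalnum() for c in password):
        problems.append("no special character or uppercase word")
    return problems


if __name__ == "__main__":
    print(generate(personal_terms=["Rex", "Leeds"]))
```
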

Please see this infographic from the National Cyber Security Centre for further information about passwords, how to secure them and how they are often cracked: National Cyber Security Centre Password Infographic