Listen to this blog

@berd33n1903. Not a bad password, don’t you think? Many years ago, this used to be one of my passwords. As an Aberdeen FC fan it was an obvious way to make a password I would remember. I also thought I was being clever by replacing the “A” with an “@” and changing the “e’s” to “3”.

However, back in 2019, the National Cyber Security Centre released a list of the 100,000 most common passwords made public by data breaches. Turns out using my favourite sports team as my password was not a very good idea. There were several references to Aberdeen FC in the list, including ‘Aberdeen’, ‘Red Army’, ‘Miller’ and ‘Leighton’.

But why would cyber criminals think to guess that my password has anything to do with Aberdeen Football Club?

Because they can find information like that out via my social media accounts. This is why using our favourite sports team is not a good idea. Even making those changes to the characters was not as clever as I thought. Turns out the cyber criminals know we do that as well.

Today, Thursday 6 May 2021, is World Password Day. I know that sometimes we can all get a bit fed-up with these types of days, but anything that encourages people to think about their passwords and making them more secure is a good thing in my opinion.

Have a think about some of your passwords

What have you used to make them up? A special year, family names, a city, a month, a season, what about a food type? All of these have been found in passwords that have been breached. Did you know there is even a list of the top swear words used in passwords (you can go and look for those yourself!)?

The fact is that having a strong and secure password is one of the easiest ways to protect your data. I would always recommend the guidance from the National Cyber Security Centre (NCSC) to create a passphrase using three random words. So instead of trying to think of something obvious like a favourite sports team, why not have a look around you and try making a passphrase from what you see, for example “table,window,garden”. To give you an idea of how good that passphrase is, if I type it into www.howsecureismypassword.net I am told it would take 20 trillion years to break.

Don’t give the cyber criminals an easy way into your email, or your financial information.

Whenever I speak to people about cyber security, I don’t expect everyone to suddenly want to become cyber experts. I just want everyone to be as secure as they can be. Don’t give the cyber criminals an easy way into your email, or your financial information. Make it as difficult as you can. And if you need a hand to create these passphrases get yourself a password manager to create your passphrases and store them securely for you. Don’t forget, your internet browser can also recommend a strong password and will even store it to save you having to remember it.

It is so much easier now to be more cyber aware, we just have to make a few simple changes to the way we run our digital lives. So, on this World Password Day, please go and change just one of your passwords to a more secure passphrase using three random words. And remember, if you would like to discuss how your business and staff can be more cyber secure, please get in touch with me.