With so much of our sensitive information accessible online via passwords, choosing a strong one is more important than ever before.
In future, it's likely that we'll be using more than just passwords to keep our details safe, explains Laurence Pitt, Head of EMEA Information Security at digital security expert Symantec:
“As organisations try to find ways to thwart breaches and protect their end users, the good news is that we’re starting to see alternatives to the old system, including two-factor authentication (2FA), which requires not only something the real owner would know – e.g., a password – but also something that they, and only they have – e.g., their mobile phone.”
Some services have already introduced two-step access, especially in the online banking world, but for now, most simply use one password, so it's important that you pick the right one to avoid being hacked.
Which passwords should I avoid?
You should avoid using anything that contains personal information. While you may assume that this is private, the amount of information available online is surprising.
Hints on your social media pages may make it easy for hackers to guess your passwords. For example, if you state on your Twitter bio that you're a big Man Utd fan, then there's a good chance that your password could be the name of the team's best player. It doesn't take long for a hacker to work through a selection of possible passwords.
An individual hacker typing in guesses could crack these passwords in minutes, while dedicated hacking software is capable of trying millions of combinations in a short space of time, and it checks the most commonly used passwords first.
These are the most common passwords and are best avoided:
Your name or the name/s of any family members
Dates of birth
Famous dates in history
Your place of birth
Anything obvious such as 'password', '000000' or '123456'
If your passwords use any of the above then you should change them immediately.
How do I create a strong password?
Creating a strong password can be an infuriating experience, particularly if the site you're using keeps telling you that the password you've created isn't strong enough. Ideally, your password needs to be a mixture of characters to make it more difficult to guess.
To form your password, include as many points from the following list as possible:
Use a mix of upper case and lower case letters
Include at least one number - substituting a number for a letter in a word is a good idea
Include a symbol (such as @ or %)
Use at least three words joined together
Use an acronym - use a phrase you're familiar with such as a line from a book or song and use the first letter from each word to form the basis of your password (this is good for those that find it hard to remember passwords)
The longer the password, the more difficult it is to guess.
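The two lists above can be turned into a self-check that runs before a password is accepted. The following is an added example, not code from the article: the function name `audit_password`, the `COMMON` sample set and the 12-character `MIN_LENGTH` are assumptions, and all sample inputs are constructed.

```python
import re

# Constructed sample; the three "obvious" entries are the ones the article names.
COMMON = {"password", "000000", "123456"}
MIN_LENGTH = 12  # assumption: the article gives no figure, only "the longer the better"
# Undo common digit/symbol-for-letter swaps so "P4ssw0rd" is still read as "password".
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def audit_password(password, personal=(), dates=()):
    """Return a list of problems; an empty list means every check passed.

    personal: names, places and similar details; dates: (day, month, year) tuples.
    """
    problems = []
    lowered = password.lower()
    plain = lowered.translate(LEET)
    digits = re.sub(r"\D", "", password)

    if lowered in COMMON or plain in COMMON:
        problems.append("common password")
    for item in personal:
        token = item.lower().replace(" ", "")
        if len(token) >= 3 and (token in lowered or token in plain):
            problems.append(f"contains personal detail: {item}")
    for d, m, y in dates:
        forms = {f"{d:02d}{m:02d}{y}", f"{d:02d}{m:02d}{y % 100:02d}",
                 f"{m:02d}{d:02d}{y}", str(y)}
        if any(form in digits for form in forms):
            problems.append(f"contains date: {d:02d}/{m:02d}/{y}")
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        problems.append("no mix of upper and lower case")
    if not re.search(r"\d", password):
        problems.append("no number")
    if not re.search(r"[^A-Za-z0-9]", password):
        problems.append("no symbol")
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    return problems


if __name__ == "__main__":
    # Constructed inputs, not real credentials or real people.
    for pw in ("P4ssw0rd", "J0rd4n070390!", "Tram-qu1lt-Oboe-fern"):
        print(pw, audit_password(pw, ["Jordan", "Leeds"], [(7, 3, 1990)]))
```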
Do I need to use a different password for every account?
Unfortunately, yes. It may sound like a lot of hard work, but it's important not to use one password for everything because if a hacker does manage to get hold of it then they can access all of your sensitive information.
Start with your email account, because if that is hacked then the chances are that the culprit will be able to gain access to most of your secure accounts by going through your emails.
Once your email is secure, make a list of all your other password-protected services so that you can update your passwords. These may include online banking, retailers such as Amazon, streaming services such as Spotify and Netflix and social media sites like Facebook and Twitter.
How do I remember them all?
If you find your passwords hard to remember, you could consider using a piece of software to securely store them all. The obvious drawback here is that this will also need a password and one that's especially secure as it holds the key to all your personal details.
Another method is to create a picture in your head with objects or hints that relate to each password and the service or company it's for.
If you resort to writing down a list with pen and paper, ensure that this is well hidden and don't write out full passwords - stick to a few letters or a hint that will jog your memory.