Skip to main content

blog

Digital Skills Blog

Are your Passwords Secure?

3rd May 2019

Making sure you have a secure password is key to keeping your information safe online. Signing in to a website and trying to remember your password can be an annoyance, but a strong password will mean that the only person logging into your account is you. The National Cyber Security Centre recently published a survey on Online Security. This Survey gave an insight into some of the commonly most hacked passwords. 

Most used in total: 

The NCSC's UK Cyber Survey revealed the most used passwords that had been breached: 

  • 123456 

  • 123456789 

  • qwerty 

  • password 

  • 1111111  

The problem with these passwords is the fact that they are obvious. Tapping the first row of keys on a keyboard and then setting that as your password isn't secure. There are millions of people with the same keyboard layout as you, so combinations like 'qwerty' and '123456' are very easily recognisable, and even easier to be picked up by a hacker’s algorithm 

Names: 

These results showed the top five names used within passwords that had been easily breached: 

  • ashley 

  • michael 

  • daniel 

  • jessica 

  • charlie 

It's important that when we create a password that it is unique. The problem with using names is that they are usually names that relate to our lives in some way. For example, if you used your own name, child's name or pet's name, it could be potentially easy to find through Social Media and other public information about you. 

A few other examples from their list were: 

Premier League Football Teams: 

  • liverpool 

  • chelsea 

  • arsenal 

  • manutd 

  • everton 

 

Musicians: 

  • blink182 

  • 50cent 

  • eminem 

  • metallica 

  • slipknot 

The main factors that these passwords have in common are their lack of complexity and their easiness to guess. So, what do you need to do to make sure none of your passwords end up on this list? Better still, how do you create a password that is safe, secure, and unfathomably hard to crack? 

Technical Director of NCSC Dr Ian Levy said: 

"Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password.” 

It is also critical to make sure that your password isn't just letters. Adding a mixed combination of punctuation symbols, capitalisation and numbers makes your password much more secure and harder to guess. Some websites now require this, but it's good practice to use this across platforms. 

Here is where we get a bit more in depth. You’ve now created a new, secure password but you can’t stop here. You shouldn’t use the same password for every website you frequent. If a hacker manages to crack the password for one of your accounts, it doesn’t matter how secure it was because they now have the password for all of your accounts. 

If you are worried about trying to remember so many different and complex passwords, there are applications to help you with this. LastPass is a popular choice. This application creates complex passwords for all of your accounts and saves them in a digital vault. When you open a website and you need to log in, LastPass will auto-fill the password section. You don’t even need to know the password yourself. The only password you need to memorise is your ‘Master Password’ which allows you to log into LastPass itself. This password must be as complicated as you can come up with in order to protect all of your linked accounts. 

If you want to check how long it would take to crack your password, take a look at https://howsecureismypassword.net/ and test yours out.