Here are some basic tips that I have picked up from a recent course at Immersive Labs which I thought I would share. Some of them are really obvious but you’ll be amazed how many people still don’t follow them. There are also others that I have never heard of before but thought were really useful.
- When creating a password, the National Cyber Security Centre recommends using three random words that are memorable but completely unrelated. A good combination is an animal, an object and a vegetable (e.g. ‘dogperfumecucumber’). You can include numbers and special characters if you wish but they’re really not necessary.
- You can test how strong your password is on the ‘How Secure Is My Password?’ website (https://howsecureismypassword.net/). This site provides an estimate of how long it would take for your potential password to be cracked. For instance, ‘dogperfumecucumber’ would take 16 billion years to crack meaning that it’s a very strong password.
- Don’t use personal information when creating password because it may actually be very easy to find if you use social media.
- If you struggle with multiple passwords, you may want to install a password manager. This is an app that stores all of your passwords securely and provides you with a master password which is the only one you need to remember.
- With password recovery questions, don’t answer honestly because again, the information may be easy for an attacker to find especially on social media. Instead, treat them as secondary passwords.
- Make sure that all of your systems and anti-virus software are up-to-date and maybe consider using Multi-Factor Authentication (MFA). MFA verifies your identity by requiring multiple credentials such as facial recognition or a special code rather than just a password, and these are much harder for an attacker to access.