
Password Pointers

Written on 30 April, 2025


World Password Day reminds us of the important role that passwords play in being our first digital line of defence. 

Here we have a few password pointers from our cyber team to support you in enhancing your online security:

 

Create strong passwords for important accounts. Weak passwords are one of the biggest risks in a security breach, whereas passwords that are implemented correctly are a free, easy and effective way to prevent unauthorised users accessing your devices and accounts. The NCSC recommends the use of three random words to prevent very short passwords from being used.

Use a separate password for your work account. You are likely to have loads of online accounts. If one of those accounts gets compromised, you don’t want the attacker to have your work password, so make sure your domestic and work passwords are different.

Where available, switch on MFA. Multi-factor authentication is normally a free service and stops cyber criminals getting into your accounts even if they have your password. Where MFA is not available, a more complex password should be used.

Store passwords securely. Remembering lots of passwords can be difficult. A password manager can store all your passwords securely, so you don’t have to worry about remembering them. This allows you to use unique, strong passwords for all your important accounts.

Avoid frequent password changes. The NCSC advises against regular password changes unless there is evidence of a security breach. Frequent changes can lead to weaker passwords and increased user frustration. Instead, focus on creating strong, memorable passwords and changing them only when necessary.

Avoid predictable patterns. Steer clear of using easily guessable information such as birthdays or common phrases.

Check for password compromise. Visit Have I Been Pwned to find out if your email addresses have been involved in a data breach and whether your passwords for those accounts were exposed. Changing your password is the most important thing to do if your account has been pwned. If you have reused that same password on other online accounts, you should change the passwords for those accounts as well, to be more confident that cyber criminals cannot reuse that password to access other accounts.

The strongest passwords are hard to guess and are not repeated across your different accounts.