Better password security

Passwords

One of the main issues GDPR deals with is protecting your own data and that of your clients or users. One of the most basic things you can do is protect your various accounts and systems with better passwords. Let's look at some very simple ways to do this.


The wrong way

If any of the passwords below look anything like what you use, you need to change it.
 

  • password
  • summer2018
  • 1234554321
  • thebeatles1

So, what's wrong with all of the above? They are way too simple.


So, what's the best thing to do?

An ideal password is something which is completely random and uses as many different types of characters as possible. This would be a good example:

aLbff95}A+:CFL=K

While this is an ideal password, it's simply not feasible for a human to remember something like this. Writing it down or saving it somewhere is not a good idea, so how do you make a strong password without having to memorise something like this?

Replace letters with characters that look like them.


For example:

  • replace "a" with @
  • replace "l" with 1
  • replace "i" with !
  • replace "o" with 0 (zero)

So instead of "mainpassword", you now have m@1np@ssw0rd

Capitalise the first and last letters to make it even stronger: M@1np@ssw0rD


Think of a phrase and take the first letter of each word


Think of a quote, a song lyric or something else you will always remember. Take the first letter of each word, and apply the principles in the step above. For example, take the lyrics of the Beatles song Blackbird:

Blackbird singing in the dead of night, take these broken wings and learn to fly

gives you: bsitdonttbwaltf

Apply the previous tips and your new password is:

Bs!td0nttbw@1tF
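
The two steps above, carried through on the Blackbird lyric, as an added example that is not part of the original article. The function names are illustrative, and the last function simply reports which character types the result contains.

```python
import string

# Look-alike substitutions listed in the article.
LOOKALIKES = {"a": "@", "l": "1", "i": "!", "o": "0"}

# The lyric used in the article's worked example.
LYRIC = ("Blackbird singing in the dead of night, "
         "take these broken wings and learn to fly")


def initials(phrase):
    """First letter of every word, lower-cased; punctuation is ignored."""
    letters = []
    for word in phrase.split():
        cleaned = word.strip(string.punctuation)
        if cleaned:
            letters.append(cleaned[0].lower())
    return "".join(letters)


def substitute(text):
    """Swap each listed letter for its look-alike character."""
    return "".join(LOOKALIKES.get(ch, ch) for ch in text)


def cap_ends(text):
    """Upper-case the first and last characters (digits and symbols stay as they are)."""
    if len(text) < 2:
        return text.upper()
    return text[0].upper() + text[1:-1] + text[-1].upper()


def mnemonic_password(phrase):
    """Initials, then look-alike substitution, then capitalised ends."""
    return cap_ends(substitute(initials(phrase)))


def character_classes(password):
    """Report which of the four character types appear in the password."""
    return {
        "lower": any(c.islower() for c in password),
        "upper": any(c.isupper() for c in password),
        "digit": any(c.isdigit() for c in password),
        "symbol": any(c in string.punctuation for c in password),
    }


if __name__ == "__main__":
    result = mnemonic_password(LYRIC)
    print(result, character_classes(result))
```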


Some last tips to better protect your accounts and data:

  • Never use personal details in your passwords
  • Don't use freely available information from social media as your password, e.g. your dog's name, birth date, etc.
  • Don't use the same password for everything
  • Don't write down or save your passwords somewhere: you should remember them using the tips above
  • Protect as many of your accounts as possible with 2-step verification. For Gmail, it would be best to follow this simple guide: https://www.google.com/landing/2step/