Four Ways To Make Sure Your Passwords Are Safe and Easy To Remember

Four Ways To Make Sure Your Passwords Are Safe and Easy To Remember
Many still make their passwords too simple.
Shutterstock/Vitalii Vodolazskyi

For more than 15 years, there have been various predictions from tech leaders about the death of passwords. Bill Gates predicted it back in 2004 and Microsoft have predicted it for 2021. There have been numerous similar proclamations in between, alongside ongoing criticism of passwords as an inadequate means of protection.

Yet passwords remain a common aspect of cybersecurity, something people use every day. What’s more, passwords show little sign of disappearing yet. But many people still use them badly and seem unaware of recommended good practice.

It’s very common for cybersecurity experts and companies to blame users for using passwords poorly, without recognising that systems permit their poor choices.

Many websites offer no upfront guidance on how to choose the passwords they require us to have, perhaps assuming we know these things already or can find it out elsewhere. But the fact that people persist in using weak passwords suggests this is an optimistic view.

Outdated advice

In addition to lacking guidance, it’s common to find websites enforcing outdated password requirements. You’re probably familiar with systems insisting on password complexity, by requiring upper case letters, numbers or special characters to make passwords stronger (our response to which often mirrors the video below).

However, the current guidance is to allow complexity but not to require it, and to basically regard password strength as synonymous with password length.

The National Cyber Security Centre recommends creating a long password by combining three random words, enabling something longer and more memorable than many standard choices.

My password attempts

Also unhelpful is that, rather than giving guidance and requirements at the outset, many sites only reveal rules in response to us trying things that aren’t allowed. I tried creating a password for one such site. Most of my attempts received feedback requiring further action, until I settled on a final choice, which was accepted without complaint. But the password that was accepted, steve!, was short and rather predictable.

Four Ways To Make Sure Your Passwords Are Safe and Easy To Remember
Wrestling with rules.
Steven Furnell, Author provided

When I played around a bit more, various other weak choices were accepted. For example 1234a!, abcde1 and qwert! all satisfied the rules, as did Furnell1 – which isn’t particularly strong, especially as I already entered Furnell as my last name elsewhere on the sign-up form.


 Get The Latest By Email

Weekly Magazine Daily Inspiration

Meanwhile, the rules often mean we can’t use passwords our devices auto-generate for us, or ones we might create for ourselves by following current guidance.

Many websites don’t allow generated passwords.
Many websites don’t allow generated passwords.
Steven Furnell

Some sites seem to think they can compensate for a lack of guidance by using techniques such as password meters to rate our choices. However, while these give feedback, they’re not a substitute for providing guidance on what good looks like.

Using another site, I entered a poor password (the word password), and the only feedback I received was that the password is very weak. If a user was genuinely offering this password as an attempt, what they need to be told is why it’s weak. While you can doubtless find some sites giving better and more informative feedback, this example is unfortunately representative of many others.

Rules to follow

Of course, having highlighted the lack of effective guidance, it would be remiss to end without actually offering some. The NCSC’s guidance about choosing and using passwords are listed and briefly explained below:

  1. Use a strong and separate password for your email – as this is often your route to accessing other accounts.
  2. Create strong passwords using three random words – this will give you stronger and more memorable passwords.
  3. Save your passwords in your browser – this prevents you forgetting or losing them.
  4. Turn on two-factor authentication – this adds an extra element of protection even if your password is compromised.

It’s useful to supplement this with additional reminders not to use the same password across multiple accounts for fear that a breach of one leads to breach of all, not to share them with other people because then it’s no longer your password, and not to keep a discoverable record of them. Storing them in a protected location, such as a password manager tool, is fine.

It’s worrying to think that passwords have been around for decades and we’re still getting it wrong. And they’re just one aspect of cybersecurity that we need to be using properly. This doesn’t bode well for cybersecurity more widely.The Conversation

About The Author

Steven Furnell, Professor of Cyber Security, University of Nottingham

books_security

This article is republished from The Conversation under a Creative Commons license. Read the original article.

You May Also Like

follow InnerSelf on

facebook icontwitter iconyoutube iconinstagram iconpintrest iconrss icon

 Get The Latest By Email

Weekly Magazine Daily Inspiration

AVAILABLE LANGUAGES

enafarzh-CNzh-TWdanltlfifrdeeliwhihuiditjakomsnofaplptroruesswsvthtrukurvi

MOST READ

baseball player w;ith white hair
Can We Be Too Old?
by Barry Vissell
We all know the expression, "You're as old as you think or feel." Too many people give up on…
climate change and flooding 7 30
Why Climate Change Is Making Flooding Worse
by Frances Davenport
Although floods are a natural occurrence, human-caused climate change is making severe flooding…
made to wear a mask 7 31
Will We Only Act On Public Health Advice If Someone Makes Us?
by Holly Seale, UNSW Sydney
Back in mid 2020, it was suggested mask use was similar to seat belt wearing in cars. Not everyone…
coffee good or bad 7 31
Mixed Messages: Is Coffee Good Or Bad For Us?
by Thomas Merritt
Coffee is good for you. Or it’s not. Maybe it is, then it isn’t, then it is again. If you drink…
protect your pet in heatwave 7 30
How To Keep Your Pets Safe In A Heatwave
by Anne Carter, Nottingham Trent University et
As temperatures reach uncomfortably high levels, pets are likely to struggle with the heat. Here’s…
is it covid or hay fecer 8 7
Here’s How To Tell If It's Covid or Hay Fever
by Samuel J. White, and Philippe B. Wilson
With warm weather in the northern hemisphere, many people will be suffering from pollen allergies.…
inflation around the world 8 1
Inflation Is Spiking Around The World
by Christopher Decker
The 9.1% increase in U.S. consumer prices in the 12 months ending in June 2022, the highest in four…
nordic diet 7.31
Does The Nordic Diet Rival Its Mediterranean Counterpart For Health Benefits?
by Duane Mellor and Ekavi Georgousopoulou
Every month there seems to be a new diet doing the rounds online. One of the latest is the Nordic…

New Attitudes - New Possibilities

InnerSelf.comClimateImpactNews.com | InnerPower.net
MightyNatural.com | WholisticPolitics.com | InnerSelf Market
Copyright ©1985 - 2021 InnerSelf Publications. All Rights Reserved.