
Protect yourself online - choose safe passwords!

28th June 2013


With so much of daily life now conducted online – from banking to social media – coupled with frequent reports of well-known organisations getting hacked, it’s vital that you choose your passwords effectively to protect your online activity.

Dictionary words

The most common mistake people make when choosing a password is to use a recognisable word commonly found in a dictionary. This is risky. “Brute force” hacking describes the approach hackers use to force their way into a system by repeatedly trying different password combinations. If your password is a dictionary word, your account is far more susceptible to this type of hacking because your password will be on the list of possible passwords used in a “brute force” hacking attempt.

Social engineering

Rather than use a random but easily-hacked dictionary word, you might base your password on something close to you: your child’s name, your pet’s name, your favourite band etc.

Even if this provides a non-dictionary password, someone can still discover it if they know something about you. “Social engineering” is the unethical practice of getting someone to divulge personal details with a view to gaining information that might reveal potential passwords. If someone knows your mother’s maiden name, your pet’s name or your house number, they have the necessary raw material to try a variety of probable passwords.

Paper based

Committing your password to paper is a bad idea! Whether it’s a post-it note on the side of your screen, a label stuck to the underside of your keyboard or a scrap of paper on the pin board, you’re making a hacker’s life easy.

Never write down your password.

Here are some useful techniques that will help you to create a safer password.

Mix letters and numbers

If you do nothing else, at least ensure your password is a mixture of letters and numbers. “mypassword123” is too obvious, whereas “myp455w0rd” is just as memorable but somewhat harder to hack.
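A sign-up form can run the dictionary test described earlier before it accepts a password, and the same test shows how far a letters-and-numbers mix gets you. The sketch below is an added example, not code from the original article; the tiny wordlist, the substitution table and the function names are assumptions made for illustration.

```python
import re

# Constructed sample wordlist; a real check would load a full dictionary
# and a list of known-breached passwords.
WORDLIST = {"password", "mypassword", "dragon", "sunshine", "fred"}

# Common digit/symbol-for-letter swaps (illustrative, not exhaustive).
SUBSTITUTIONS = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                               "5": "s", "7": "t", "@": "a", "$": "s"})


def candidate_forms(password):
    """Return the simplified forms a dictionary-based check should also test."""
    lowered = password.lower()
    forms = {lowered}
    # Digits or punctuation bolted onto either end ("mypassword123").
    forms.add(re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered))
    # Look-alike characters swapped back to letters ("myp455w0rd").
    forms.add(lowered.translate(SUBSTITUTIONS))
    return forms


def screen_password(password):
    """Return (accepted, reason) for a proposed password."""
    if len(password) < 8:
        return False, "too short"
    for form in candidate_forms(password):
        if form in WORDLIST:
            return False, "dictionary word once simplified: " + form
    return True, "not found in wordlist"


if __name__ == "__main__":
    for pw in ("mypassword123", "myp455w0rd", "frBLOGGSed"):
        print(pw, screen_password(pw))
```

Passing this screen only means the password is not a lightly disguised entry in the wordlist supplied; it says nothing about how guessable it is from personal details.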

Combine two passwords

Rather than base your password around a single word that you can remember, why not combine two words? “frBLOGGSed” and “BLOfredGGS” are both better passwords than “fredBLOGGS”.

Telephone numbers / postcodes

Your phone number and postcode are both too susceptible to social engineering, but both can be used inventively. Instead of using “DE13SU” (for example), press the shift key when typing the numbers and you end up with “DE!£SU”, which is less hackable but still memorable.

Use different passwords for different purposes

Even if you do have a hard-to-crack password, you probably use it for a variety of different logins. This means that if someone were to hack your email account, they might automatically have worked out the password for your online banking and social media account too.

If, like most people, you have more than 2 or 3 online accounts, it’s too much to expect you to create and remember a different password for each.

Instead, think of one really strong password – perhaps using one of the methods outlined opposite – and then add to it something specific to the account you use it for.

For example, if your strong password is “DE!£SU”, you could use these different passwords for your online accounts:

Account     Password
Facebook    faceDE!£SU
Twitter     twitDE!£SU
Banking     lloyDE!£SU
Email       emaiDE!£SU

None of these passwords are dictionary-based or particularly guessable… but as long as you can remember “DE!£SU”, you have a different password for every online account. Better still, each password is unlikely to be hacked and is easy for you to remember.

Remember the process, not the password

The best password is one that even you don’t know! If you can remember the process of creating a password, that’s all you need. Think of a letter that’s meaningful to you and, starting on that letter, make its shape on the keyboard:

All you have to do is remember “M” and you get this as your password: “mju7y6tfc”. Press the shift key part way through and it gets even better: “mju7Y^TFC”! You’ll never be able to remember either of these passwords but the process of creating them is easy, so you have a high quality password that you will not forget.

Jeremy Flight

Technical Director

About the author

This article was written in June 2013 by Jeremy Flight, Technical Director at Rubiqa.

He has worked in the web design industry since 1999 and has helped many private businesses and public sector organisations with complex website projects. As the technical lead at Rubiqa, he is the primary contributor to our software products and is involved with projects relating to website design, eCommerce, database systems and mobile apps.

Away from work, Jeremy is a qualified cricket coach and works with junior players at his local club. He is also interested in property investment, golf, photography, playing the piano and holidaying in France.
