What constitutes a good password and why it is important to have one?

Quite simply; your password is the key to your IT castle. The walls you carefully build around your business data are of little value if the front door lock is easily picked. The idea that passwords should be long and complex is one of IT industry’s sacred cows, and yet many users stubbornly stick to passwords such as 12345, Password1 or Jimmy1970; which often takes less time to crack than to type them. The question “So, what constitutes a good password?” is a common one.

Of course, with the multitude of passwords we have to remember these days, the natural tendency is to simplify, not change passwords with any great frequency and use the same of similar passwords over multiple services from Hotmail to your company login; but as the 2012 hack of LinkedIn illustrated; this can be dangerous too. It is a known tactic of hackers to take compromised passwords from a phishing or hacking incident for example, and use it not only on the site directly targeted, but also try their luck with other likely sites such as social media and email accounts.

What is a bad password?

Aside from the obvious and aforementioned “Password1” or “12345”, your name, car or pets name suffixed by numbers is a poor choice; “Peter1972” takes no more effort to crack that “Peter”, especially if your username is “Peter” too! Replacing letters with numbers such as “P3t3r1972” is better, but not much of an improvement.

Cyber criminals combine impressive computing power with dictionaries, film scripts, song lyrics and social media to quickly and easily build possibilities so avoid nicknames, quotations, birthdays and pets names.

What is a good password?

Go as long and complex as you can. There are 2 main schools of thought at present for strong passwords.

Use abbreviations combined with uppercase, lowercase, numbers and punctuation. It should be at least 8 characters and never include any aspect of your username or company name. A good example of this might be JgtS@0805em! The question of how to remember this is answered by – JonnygoestoSchoolat08:05everymorning!
Combine several unusual and unrelated words together that mean somethign to you. Avoid meaningful phrases or quotations though. Purely as an example of this; something along the lines of VolcanoKettleBoots …. throw in the year and a special character to get VolcanoKettleBoots20!

Both of these passwords (as illustrations only of course) would give most password hacking tools a challenge.

Should I use a completely different password for each site or service?

Absolutely yes!

Are password managers a good idea?

These can be a good idea and address the most common concern; “how am I expected to remember all these passwords?” Of course, as the repository for all your passwords for your company data and sites it is analogous to keeping all your eggs in one basket, and are frequently the target of considerable interest from the hackers for obvious reasons, but as most things in life it is a balance of risk.

In 2015 LastPass, one of the largest providers were partially breached, but claims that none of their 7 million user accounts were compromised. Set that possibility however against the hazard of using the same or similar weak password over multiple sites and the password manager still looks an attractive option, although we suggest you avail yourself of two factor authentication alongside a strong master password when using any such service.

Should I use multifactor authentification if available?

Definately yes! We have an article on that subject here

Ready to talk IT?

Jake Thomas

16:16 18 Jul 22

A professional and very competent service. Everything is managed beyond expectation. Highly recommended.

Tom Chance

09:27 09 Mar 21

We engaged Lindsey and her team to improve our security, and implement Microsoft across our business. They did an amazing job, and worked tirelessly and with lots of patience until things were working perfectly. Lindsey really knows her stuff, and I was so impressed by her knowledge of IT and ability to the root of issues.

Tamara Cooke

14:09 17 Sep 20

EasylifeIT are always able to solve our IT issues. Their support team are helpful, patient and are happy to explain things to you if you ask. FYI I've not ticked good value as my employer pays the bill so I don't know!

Sherwin Currid Sherwin Currid

08:09 10 Jul 20

Easylife IT have looked after our cloud IT systems for many years now. We continue to be very happy with the service which is prompt and efficient. The team are very knowledgeable and stick with issues until they are fully resolved. I would have no hesitation in recommending them to others.

Nick Green

10:45 09 Jul 20

My business has been using Easylife IT for what must be around 10 years and I have not needed to look elsewhere in that time! As a small business we don't have IT capabilities in house and the backup service from Easylife has given us confidence knowing that our backs are covered. All issues dealt with remotely and for higher level issues the business owner will help out with friendly advice. I always feel their advice is good and charging is fair. I am a little surprised to see another review that appears to speak highly but giving a 4 star. Anyway it's definitely a 5 star from me! Highly recommended.

Blog