User password controls – Convenience over Security


Cyber Essentials ControlUsers are required to authenticate with a unique username and strong password before being granted access to computers and applications 

Why is it important to use longer and more complex passwords?

To help understand this, recent research showed that the top 3 most popular passwords over the last 4 years include the following combination of either; ‘password’, ‘123456’, ‘12345678’, or ‘qwerty’……….

…It gets more complex as you look towards the top 5 passwords over the last 4 years, with the likes of; ‘abc123’ making a showing, along with ‘1234’, ‘111111’, and ‘letmein’ all within the top 10 list.

Not only that, Ofcom Adults’ Media Use and Attributes Report highlighted the following problems:

  • 55% use the same password for most websites
  • 25% report problems remembering passwords
  • 26% use ‘easy to remember’ passwords (e.g. names and birthdays)

Through our own experience over the years, we have found that if users are to be forced to use long and complex passwords for system access, they tend to write them down, as they are now difficult and mostly impossible to remember.

The problem increases as you make each login password different for each instance of secure access you require, for instance; LinkedIn, Twitter, Website Administration, Online banking, etc.

To help with this issue, you could install a password safe – As the name suggests, a password safe allows for the secure storage of multiple passwords, leaving you to remember only one password to unlock the safe. (Just don’t forget this one, write it down next to your PC, or stick it on your monitor!)

Furthermore, it can be useful to create a unique acronym and not to repeat characters to help mitigate the use of weak passwords.

(Weak passwords consist of keyboard patterns or words that can be found in a dictionary)

It is good practice to…

  • Include punctuation marks and/or numbers;
  • Mix capital and lowercase letters;
  • Avoid using personal information.

In conclusion, there are some really simple steps you can take to protect your sensitive information and intellectual property, and it doesn’t have to be at the cost of inconvenience.

As a good staring point, we suggest that you commit to taking the first steps in Cyber Security.

Securious promotes the government scheme Cyber Essentials. By complying with just 5 controls, you can protect yourself from at least 80% of current Cyber Threats.

You are also able to demonstrate to your clients that you take Cyber Security seriously and more importantly, you have taken steps to safeguard their sensitive information.

The Cyber Essentials scheme is very cost effective and starts at just £300.00 +VAT

For further details, or if you have any questions, take a look at our website and get in touch via email, or call 01837 871247 for a quick chat.

Cyber Essential certified body - securious