Understanding password security and password protection


Date: 15/10/24

Author: Gavin Monks

The footprints you leave on the internet are precious, from personal photos stored on the cloud to financial information and online banking details that fund your life. If that data is lost or stolen, it can’t be easily replaced.

Password security is the first step in protecting your personal data from being compromised, along with additional device security measures, such as two-factor authentication. You can also use antivirus software such as Norton™ 360 Premium which encrypts your personal information with a VPN.

We’ll cover how to stay safe online with proper password security in this guide, as well as tips and tricks you can try today.



What is password security? Why password security and protection are important

80% of all cybercrime happens as a result of not following best practices for passwords. Without strong passwords, cybercriminals can easily access your personal information, hack into your accounts, and ultimately steal your identity.

The consequences can be life-changing, such as:

  • Financial loss

  • Personal data loss

  • Data leaks and exposure

  • Your personal accounts can become compromised or inaccessible

If your professional or organisational devices aren’t secure, criminals can also share sensitive information with competing companies or hold data for ransom.



Tips and best practices for password security

Luckily, creating and managing secure passwords has never been easier. Let’s take a look at the five ways to enhance your password security:

1. Create a strong password

You’ve probably heard it before: your password should include a mix of upper and lowercase letters, numbers, and symbols to be secure. That’s true, but there’s a little more to it. For instance:

  • Your password should not be a word that’s easy to guess — a random mix of letters, numbers and symbols is safest

  • 12-14 characters or more is generally considered the best length for passwords

  • Don’t include any personal information, like your hometown or childhood pet’s name

  • Avoid simple passwords like ‘password’ or ‘password123’ — ideally your password should be impossible to guess
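One way to apply the rules above in code, as an added example that is not part of the original guide: a generator that draws from the operating system's secure random source, and a checker for the listed rules. The symbol set, the short common-password sample and the function names are assumptions made for illustration.

```python
import secrets
import string

# Assumed symbol set; many sites accept more symbols than these.
SYMBOLS = "!@#$%^&*()-_=+?"
POOLS = (string.ascii_uppercase, string.ascii_lowercase, string.digits, SYMBOLS)
# Constructed sample of easy-to-guess passwords; a real check needs a far larger list.
COMMON = {"password", "password123", "123456", "qwerty", "letmein"}
MIN_LENGTH = 12  # lower end of the 12-14 character guidance
CLASS_TESTS = (
    ("uppercase letter", str.isupper),
    ("lowercase letter", str.islower),
    ("number", str.isdigit),
    ("symbol", lambda ch: not ch.isalnum()),
)


def generate_password(length=16):
    """Return a random password that contains every character class."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    alphabet = "".join(POOLS)
    # One guaranteed character per class, the rest from the full alphabet.
    chars = [secrets.choice(pool) for pool in POOLS]
    chars += [secrets.choice(alphabet) for _ in range(length - len(chars))]
    # Shuffle with the OS random source so the guaranteed characters move around.
    secrets.SystemRandom().shuffle(chars)
    return "".join(chars)


def check_password(password, personal_info=()):
    """Return the rules the password breaks; an empty list means it passes."""
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if lowered in COMMON:
        problems.append("common password")
    for name, test in CLASS_TESTS:
        if not any(test(ch) for ch in password):
            problems.append(f"no {name}")
    for item in personal_info:
        # Skip very short fragments, which would match almost anything.
        if len(item) >= 3 and item.lower() in lowered:
            problems.append(f"contains personal information: {item}")
    return problems
```

Pass your own details, such as a hometown or pet's name, as `personal_info` so the checker can flag them even when the password otherwise looks complex.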

2. Use unique passwords for every account

It’s convenient to use the same password for your Facebook, email, Instagram, workplace, and everything else — but that comes with some danger, too.

If a cybercriminal guesses your password for one account, they can access everything else. That’s why we recommend using a unique password for every account and device you use regularly.

Top tip: use a password manager like LastPass to create and store your passwords.

3. Enable two-factor authentication where possible

Say someone guesses your password. They can access your account, right? Not if you use two-factor authentication (2FA)! 

Essentially, 2FA means that once you’ve input the right password, you’ll need to verify your login using your email address, an authenticator app, or through a text message.

Top tip: Use two-factor authentication on any account you can, especially where you’re storing sensitive information (think online banking and personal email accounts).

4. Update your passwords regularly

If you ever used school or university computers, you were probably forced to change your password every three to six months. Well, this rule should be another thing you take from your education.

Consistent password changes make it much harder for attackers to access your account, which is why this is common practice with many enterprise-level businesses and larger educational organisations.

Top tip: Set reminders to change your passwords every few months, and update your password management software when you do.

5. Be vigilant about security breaches

Stay up-to-date on any data breaches involving companies you use regularly, especially your bank or email platforms.

Your computer or phone may also include built-in features that alert you if your passwords are compromised.

Top tip: Services like UpGuard can help teams to manage security risks online, and notify you of any security breaches as well.



What not to do with your passwords

We’ve covered what you should do to enhance your password security, but what are the don’ts of keeping your accounts secure? 

  • Don’t share passwords — Even sharing passwords with trusted people who claim to be from reputable organisations (like your bank) can lead to unauthorised access and theft.

  • Don’t record passwords on a document on your computer — If cybercriminals access that particular file, they can easily ‘break in’ to the rest of your online presence.

  • Don’t include any personal information in your passwords — that includes your birthday, middle name, phone number, or anything that someone who personally knows you may be able to guess.

  • Don’t use the same password for multiple accounts — As we mentioned, this can lead to multiple breached accounts if attackers gain access.

  • Never ignore security warnings — Take action when your device or software needs to update, or if you receive any notifications that your account may be compromised. Check that these notifications come from a legitimate source before you click any links or buttons.



FAQs about password security


What makes a strong password?

Strong passwords are unique for every account you use, and include a combination of upper and lowercase letters, numbers, and symbols. They should be randomly-generated and not a word you can easily guess or find in a dictionary.


How often should you change your password?

According to Norton™, online banking passwords should change every month or so. For other accounts, like your computer or Facebook login, you can change your password once every three months.


Are password managers safe?

Generally, yes. Password managers encourage you to follow best practices for security, keep your passwords encrypted, and most even suggest secure passwords whenever you create a new account.




What should I do if my password is hacked?

If you fall victim to a data breach, follow these steps:

  1. Change your passwords on any accounts that might be affected

  2. Report the breach to the relevant organisation as soon as possible — e.g. let your bank know if your details have been compromised

  3. Monitor your activity on affected accounts

  4. Set up two-factor authentication and implement a password manager like NordPass or LastPass to prevent this from happening again



How safe is my password, really? 

No single action will keep your passwords safe, but following the practices above will help safeguard your accounts from cybercrime.

Community Fibre broadband packages come with top-tier customer service, and we’re contactable from Monday to Friday 9am - 7pm if you experience any online security concerns or technical issues. 

You can also bundle your broadband with Norton™ 360 Premium to shield your personal information with bank-grade encryption via our Secure VPN. 

To learn more about how we keep our online communities safe and bridge the digital divide, discover our action to overcome digital poverty.

Check your postcode today and see if Community Fibre is available in your area.