Passwords should be easy to remember and difficult to guess.

Recent analysis outlined by the National Cyber Security Centre found that 23.2 million victim accounts worldwide used 123456 as a password! It’s also a good idea not to use words such as your child’s name, pet’s name or your favourite sports team. This type of information might be easily viewed on your social media page e.g. Facebook. Numbers and symbols can still be used but it is advised that three random words is the key to creating a strong password.


Use a strong, separate password for your email and other important accounts. This means if hackers steal your password for one of your less important accounts, they cannot use it to access your most important ones. This includes your main email account. Hackers can potentially use your email to access many of your personal accounts and find out personal information. If this is your bank details, address or date of birth, you might be left vulnerable to identity theft or fraud.

For your most important accounts, if it’s available, you should use Two-Factor Authentication. This means involving a second step after entering your password

e.g. providing a fingerprint, using Eye/Face identification, answering a security question, or entering a unique code sent to your device. To find out how to enable Two-Factor Authentication on your online accounts visit TurnOn2FA

If you struggle to remember your passwords or are worried that your staff will find it difficult, we recommend using a password manager. There is advice on using a password manager here: https://www.ncsc.gov.uk/blog-post/what-does-ncsc-think-password-managers

Remember – always keep your passwords secret