Campaign

World Password Day occurs annually on the first Thursday of May. Every year the day offers an opportunity to reflect on our digital security and think about how safe we are keeping our data from cyber threats and unauthorised access. It offers a great chance to update your passwords and ensure they are strong and unique!

Passwords have been around for a very long time in various forms. In the past, the Roman Army used ‘watchwords’ – passphrases which proved that you were a member of the unit. The first digital password was created by Professor Fernando Corbató. In the early 1960s, Corbató and his team at MIT were working on a time-sharing operating system called Compatible Time-Sharing System (CTSS), which allowed multiple users to access a computer simultaneously. In order to keep individual files private in this shared environment, Corbató introduced the concept of passwords.

Think of a password or a passphrase as the key to your most precious commodity, your Personally Identifiable Information (PII). When leaving a house or car, we lock it to ensure that nobody can gain access in our absence. Our passphrases are simply digital versions of the physical security steps that we take every day as we go about our lives.

Improve your password security

There are multiple ways that a hackers can get access to an account; using software to crack your passwords, trying out passwords that may have been included in a data breach, or by trying to trick a victim into disclosing their password through social engineering tactics.

Practicing good password security will reduce the risk of falling victim to a hacker. Creating strong, separate passwords for different accounts, turning on 2-step verification whenever possible and storing your passwords safely will help protect you online.

Use a strong and separate password for your email

Using a strong password is especially important for your email account. Having a strong and separate password for your email means that if cyber criminals steal the password for one of your less-important accounts, they can’t use it to access your email account.

If a hacker gets into your email, they could:

• reset other account passwords
• access private information about you (including bank details) or your organisation
• post emails and messages pretending to be from you (and use this to trick other people)

Create strong passwords using Three Random Words

When you use different passwords for important accounts, it can be hard to remember them all. The NCSC recommends using three random words as a good way to create strong, memorable passwords. By using a password that’s made up of three random words, you’re creating a password that will be strong enough to keep the criminals out, but easy enough for you to remember.

Do not use words that can be guessed easily (like a pet’s name). Including numbers and symbols will also make the password more difficult for hackers to crack, e.g. “RedGlassTree44!”

Use password managers

A password manager is an app on our phone, tablet or computer that stores your passwords, so you don’t need to remember them. Once you log into the password manager using a ‘master’ password, it will generate and remember the passwords for all of your online accounts. Many password managers can also enter passwords into websites and apps automatically, so you don’t even have to type them in every time you log in.

Most web browsers also offer a password manger service. When logging into your online accounts, the browsers (such as Chrome, Safari and Edge) will offer to save your password for you. It’s safe for you to do this on your own device, however you should never do it on a a shared computer outside your home

Passwords and passphrases should be seen as the first line of defence, by implementing these steps for enhancing your password security you can ensure that it’s not your weakest link.

Guidance provided by Police Scotland Cybercrime Harm Prevention Team