Password Pledge

World Password Day

World Password Day on Thursday 7 May provides a timely reminder for us all to evaluate our passwords. The NI Cyber Security Centre is encouraging us all to assess the strength and security of the passwords we use to secure our online accounts from hackers by taking our ‘Password Pledge

Password Pledge Security expert Simon Whittaker of Vertical Structures and Chair or NI Cyber states "According to the Verizon data breach report of 2019, over 60% of 'hacking-related' breaches leveraged either weak or stolen credentials. We all need to take more responsibility for our passwords and this pledge is a great way to help demonstrate this commitment.”

Weak passwords, like Password1, the name of your favourite football team or pet’s name remain go-to picks for many. These are easy for cybercriminals to hack – software exists that can guess millions of passwords in minutes!

If you use the same password on multiple accounts, such as your email, online banking, online shopping and social media, a cybercriminal can access all of them by cracking just one password!. This leaves you exposed to identity theft, financial loss, extortion, fraud and other cybercrimes. Hackers will thank you for allowing an open door into your digital world.

 

account signup

Consider the strength and security of your passwords and we encourage you to take our ‘Password Pledge’ below. Starting with your most important accounts (such as email, shopping, banking and social media), replace your old passwords with new more secure ones using our pledge tips.

Password Pledge

Secure your online accounts, put an end to weak passwords!

I will create strong and unique passwords using three random words

The best way to make your password difficult to hack is by using a sequence of three random words you’ll remember - the longer the better. You can make it even stronger by including special characters and numbers.

For Example.
FriendsHippoMaze - Strong Fr1endsH!pp0M@ze – Stronger 

Don’t be fooled that by using symbols on short common words e.g. P@$$W0rd1. Replace your old passwords today with new more secure ones.

I will use different unique passwords for each of my most important online accounts: such as email, social media and banking.

Remembering lots of lengthy complex passwords can be difficult. Store your passwords in your browser when prompted; it’s quick, convenient and safer than re-using the same password. Or, use a password manager - an app you can install on your phone, tablet or computer that stores your passwords securely.

I will turn on a second layer of security

Two-factor authentication (2FA) is a free security feature that gives you an extra layer of protection online. 2FA significantly reduces the risk of being hacked by asking you to provide a second factor of information, such as getting a code via text message that you need to input when you log in. This stops cybercriminals getting into your accounts - even if they have your password.

Download the pledge and share with family, friends and work colleagues -  Password Pledge (PDF 409 KB)

World Password Day Password Pledge.jpg

Compromised Passwords

Some of your account details and passwords may already be for sale as a result of a data breach. You can check if your password has been affected on the HaveIbeenPwned website. If your password is flagged as compromised you should change it immediately.

The National Cyber Security Centre (NCSC) did an analysis in 2019 of the passwords retrieved as a result of data breaches. A list of 100,000 common passwords is available to download and check your passwords against PawnedPasswordsTop100k If your password appears on this list you should change it immediately.

Password Resources

For further reliable information, guidance and support on passwords, use the trusted resources listed below

www.nicybersecuritycentre.gov.uk/cyber-protections
www.ncsc.gov.uk/cyberaware/home
www.ncsc.gov.uk/blog-post/three-random-words-or-thinkrandom-0
www.ncsc.gov.uk/collection/top-tips-for-staying-secure-online/password-managers
www.ncsc.gov.uk/guidance/setting-two-factor-authentication-2fa
www.haveibeenpwned.com/