Are three random words really the safest password?

The UK National Cyber Security Centre has recommended that three random words is a safer way to set a password then a more complicated variation.

Government experts at the UK National Cyber Security Centre (NCSC) have concluded that three random words as a password are a safer bet than any more complicated variations.

The NCSC, which is part of GCHQ, concluded that three words provide as much variety as much more complicated and at times convoluted passwords combining numbers, letters and symbols. The simple formula is very difficult for cybercriminals to second guess and is harder for the software they use to crack than the conventional mixed passwords.

NCSC did add that the key to the success of this system was the unpredictability of the three words and not making the password too personal or obvious, was very important to its success.

With cybercrime levels reaching record highs during the pandemic it has become even more important than ever to look for new ways to protect personal data from cybercriminals.

The NCSC’s Technical Director, Dr Ian Levy, said: "Traditional password advice telling us to remember multiple complex passwords is simply daft. There are several good reasons why we decided on the three random words approach – not least because they create passwords that are both strong and easier to remember. By following this advice, people will be much less vulnerable to cybercriminals and I’d encourage people to think about the passwords they use on their important accounts, and consider a password manager.”

And just in case we need reminding why this is important the following stats make sobering reading. If your data is compromised, weak passwords can have serious consequences, like identity theft. Companies reported a staggering 5,183 data breaches in 2019 that exposed personal information such as home addresses and login credentials that could easily be used to steal your identity or commit fraud. And that pales in comparison with the more than 555 million stolen passwords that hackers on the dark web have published since 2017.


Featured Articles

UK police cyberattack a reminder of third party risk

Cyber criminals use back-door suppliers cyberattack to spread alarm through Britain's biggest police force

Building Cyber Resilience into ‘OT in Manufacturing’ webinar

Join Acronis' webinar, Building Cyber Resilience into ‘OT in Manufacturing’, 21st September 2023

Trustwave report on hospitality industry security threats

Nearly 31% of hospitality organisations have reported a data breach in their company’s history, according to a Trustwave cybersecurity report

Barracuda Managed XDR uses AI to uncover cyber incidents

Technology & AI

Imperva: 32% of work data breaches could have been avoided

Operational Security

Supply chain cyberattacks seen as catastrophic for business

Cyber Security