Are three random words really the safest password?

The UK National Cyber Security Centre has recommended that three random words is a safer way to set a password then a more complicated variation.

Government experts at the UK National Cyber Security Centre (NCSC) have concluded that three random words as a password are a safer bet than any more complicated variations.

The NCSC, which is part of GCHQ, concluded that three words provide as much variety as much more complicated and at times convoluted passwords combining numbers, letters and symbols. The simple formula is very difficult for cybercriminals to second guess and is harder for the software they use to crack than the conventional mixed passwords.

NCSC did add that the key to the success of this system was the unpredictability of the three words and not making the password too personal or obvious, was very important to its success.

With cybercrime levels reaching record highs during the pandemic it has become even more important than ever to look for new ways to protect personal data from cybercriminals.

The NCSC’s Technical Director, Dr Ian Levy, said: "Traditional password advice telling us to remember multiple complex passwords is simply daft. There are several good reasons why we decided on the three random words approach – not least because they create passwords that are both strong and easier to remember. By following this advice, people will be much less vulnerable to cybercriminals and I’d encourage people to think about the passwords they use on their important accounts, and consider a password manager.”

And just in case we need reminding why this is important the following stats make sobering reading. If your data is compromised, weak passwords can have serious consequences, like identity theft. Companies reported a staggering 5,183 data breaches in 2019 that exposed personal information such as home addresses and login credentials that could easily be used to steal your identity or commit fraud. And that pales in comparison with the more than 555 million stolen passwords that hackers on the dark web have published since 2017.


Featured Articles

Gartner unveils top cybersecurity predictions for 2023-2024

Half of CISOs will formally adopt human-centric design practices into their cybersecurity programmes, while adoption of zero trust architecture will rise

DDoS protection market to grow amid increase in attacks

According to research by Cloudflare, DDoS attacks increased by 109% last year, with the last 12 months seeing some of the largest attacks the world

The impact data poisoning has on cyber and AI

We take a look at why the risks of data and AI poisoning is continuing to wreak havoc on the cybersecurity industry

Five innovative ways AI can help prevent cyber attacks

Cyber Security

SailPoint delivers new non-employee risk management solution

Cyber Security

Akamai shares details of Asia’s record-breaking DDoS attack

Network Security