Sometimes we write a password that is so secure that we ourselves fail to remember it. We follow the advice, use a capital letter, use a symbol, add in a few numbers...oh and make sure it is more than 12 characters long!
It is of course all for our own benefit. We access so many things of personal importance on line now, GP, Doctors, Banking, Education - whatever it might be, and in doing so we also open ourselves to risk.
The National Cyber Security Centre (NCSC) advised a few years ago that people should adopt a "Three Random Words" approach to password safety. In this recent article they revisited what has been one of their most successful blogs to date to discuss why this approach is often the best. In essence it comes down to being random enough to stop people who wish to hack you, but easy enough for you to remember.
They say that because we struggle to remember complex passwords that include so many different things - we default to predictable passwords without even realising we are doing it!
I think this is a really interesting article because it addresses something that has almost become second nature when we do anything on line, both the requirement to have a password and the frustration at failing to remember what we selected just five minutes ago.
I also thing that we should take the time to understand why we are being asked to do something and therefore understand...
Well worth a read!
Passwords generated from three random words help users to create unique passwords that are strong enough for many purposes, and can be remembered much more easily. This is also good for those who aren't aware of password managers, or are reluctant to use them. However, there are several other reasons why the NCSC chose the three random words strategy.