0121 630 3221
 0730 648 4999
Password Security

Strong Password Guide

A strong password and multi-factor authentication are the best protections for your account.

The most effective method of creating a strong password is to use a random string of words or letters and numbers. Your password should not contain anything that might be related you. This includes your date of birth (or any part of it), your name, your partners' name, your pets' name, and your favourite sports team. Somebody who knows you well could guess your password if they're given a few tries.

Some websites don't allow special characters in passwords, we believe that this is a mistake because special characters will help, though they shouldn't be relied upon.

You could use a "friendly" or "unfriendly" password. An example of a friendly password might be "2020 Coronavirus Clothes Burned!". An example of an unfriendly password might be "48f*/g526rlycw5".

It's important that passwords don't contain any consecutive values. This includes letters, words, and numbers. So using "Netflix TV Shows" or "123" or "abc" can all be considered as consecutive strings. Consecutive strings are easily guessed.

zxcvbn

In 2012, a group of password crackers working for Dropbox got together and designed an algorithm to estimate something called a complexity score. A complexity score is a value calculated to represent the strength of a password. The higher the score, the more complex, and therefore, secure, the password is.

Our website uses the zxcvbn algorithm to determine if a password is secure. This means that we don't have a specific password policy which would require you to include certain things in your password. A typical password policy normally looks something like this:

Your password must contain at least 5 characters, 1 uppercase letter and 1 number.

Using password policies such as this is a pointless exercise because weak passwords could be generated as a result. For example, "P@ssword1" would be considered secure by the above password policy, however, this is one of the 30,000 most common passwords and is very weak.

Using zxcvbn means that when you create your password on our website you will presented with a textual score which is generated by the complexity score of your password. Our system will not accept any password that is considered "Unsafe" or "Insecure".

Password Managers

Password managers are wonderful pieces of software that will remember your passwords for you, so that you don't need to remember very complex (secure) passwords and will help to keep your online indentity safe. Most password managers are free, and most Security Suite software, such as antivirus software, now include password managers.

There are plenty of free password managers that you can find with a quick Google search. We recommend the search term "best free password managers 2024".

Conclusion

We hope that this guide has been useful in providing you with an understanding of how strong passwords should be created, and how you can keep them secure.