By Mike Quittenden, founder of 4D, Cyber Security Experts

As small business owners, we often face the challenge of keeping our digital assets secure.

One of the most common questions we get asked is how to create secure passwords. While we always recommend using Multi-Factor Authentication (MFA) or going passwordless where possible, there are times when a strong passphrase is necessary. Here are some top tips for creating the perfect passphrase to replace weak passwords.

Why Passphrases Over Passwords?

Traditional passwords are often short and simple, making them easy targets for cybercriminals. In fact, the top 3 most common weak passwords in the UK for 2024 are:

  1. 123456
  2. password
  3. 123456789

These passwords can be cracked in seconds, leaving your business vulnerable to attacks. Instead, consider using a passphrase. A passphrase is a sentence-like string of words that is longer than a traditional password, easy to remember, and difficult to crack.

Effective Strategies for Remembering Complex Passphrases

Mnemonic Techniques

Create memorable passphrases using these powerful methods:

Story-Based Approach

  • Use vivid mental imagery to associate with your passphrase.
  • Create a bizarre, memorable story that connects the words.

Example: For “32SeagullsDeliverBolognaSandwiches2Paris!”, visualize seagulls in Paris carrying sandwiches.

Personal Connection Strategies

Base passphrases on:

  • Favourite book or movie quotes (OR from your least favourite movies!)
  • Personal experiences
  • Unique life moments

Transform these into complex passwords by:

  • Using the first letters of words
  • Adding numbers and symbols
  • Mixing uppercase and lowercase letters

Memory Reinforcement Techniques

  • Repetition: Type the passphrase multiple times when first creating it.
  • Visualization: Create a mental image that triggers the passphrase, like the seagulls carrying sandwiches!
  • Regular Use: Frequently log in manually (avoid autofill) to strengthen memory.

Advanced Passphrase Creation

  • Use 4-5 random, unrelated words.
  • Incorporate uppercase and lowercase letters, numbers, and special characters.
  • Aim for at least 16 characters.
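
The rules above can be automated. The following Python sketch is an added example, not part of the original article or a 4D tool: it picks words with the operating system's secure random source and estimates the resulting entropy. The word list, symbol set and function names are constructed for illustration.

```python
import math
import secrets

# Constructed sample list, far too small for real use; a production list
# should hold thousands of words (for example a 7,776-word diceware list).
WORDS = ["anchor", "biscuit", "cactus", "dolphin", "ember", "falcon",
         "glacier", "hammock", "igloo", "jigsaw", "kettle", "lantern",
         "magnet", "nutmeg", "orchid", "pebble", "quartz", "raccoon",
         "saddle", "teapot", "umbrella", "violin", "walnut", "yogurt"]
SYMBOLS = "!@#$%^&*?-"  # assumed symbol set for this example


def generate_passphrase(words=WORDS, n_words=4, min_length=16):
    """Return n_words random capitalised words + two digits + one symbol."""
    if n_words < 4:
        raise ValueError("use at least 4 words")
    if n_words * max(map(len, words)) + 3 < min_length:
        raise ValueError("word list cannot reach min_length")
    while True:
        # secrets draws from the OS CSPRNG; random.choice is not suitable.
        chosen = [secrets.choice(words).capitalize() for _ in range(n_words)]
        digits = f"{secrets.randbelow(100):02d}"
        phrase = "".join(chosen) + digits + secrets.choice(SYMBOLS)
        if len(phrase) >= min_length:  # redraw if the words came out too short
            return phrase


def entropy_bits(list_size, n_words):
    """Upper bound on entropy, in bits, of generate_passphrase output."""
    return (n_words * math.log2(list_size)   # uniform word picks
            + math.log2(100)                 # two digits, 00-99
            + math.log2(len(SYMBOLS)))       # one symbol


if __name__ == "__main__":
    print(generate_passphrase())
    print(f"{len(WORDS)}-word list: {entropy_bits(len(WORDS), 4):.1f} bits")
    print(f"7776-word list: {entropy_bits(7776, 4):.1f} bits")
```

The entropy comparison shows that strength comes from the size of the word list and the number of words, which is why the words must be chosen at random rather than picked by hand.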

Ultimate Solution: Use a Password Manager

The most reliable method is using a password manager, which can generate secure, unique passphrases, store them securely and, more importantly, requires you to remember only one master password!

Pro Tip: For your master password, create a passphrase based on a memorable story or quote, then add complexity with strategic character modifications.

Top Tip: Avoid Reusing Passwords or Passphrases

Reusing the same password or passphrase across multiple sites and applications is a risky practice. If one of your accounts gets compromised, cybercriminals can use that password to access your other accounts in a tactic known as “credential stuffing.” This can lead to a domino effect where multiple accounts are breached, potentially exposing sensitive information and causing significant harm.

Remember, a strong passphrase is your first line of defence in the digital world.
