Password security

24 October 2020

We all know how important password security is. If a hacker is able to access your account, they could obtain dangerous information, install malware, steal data, or attempt a cyber-fraud like whaling.

Password security long infographic Veritau

A survey by Google found that 50% of people use the same passwords for the majority of their accounts, making them easy to hack. According to data obtained by the National Cyber Security Centre, some of the most common passwords are:

  • 123456
  • password
  • abc123
  • qwerty
  • 000000
  • iloveyou
  • monkey
  • 111111
  • dragon
  • michael
  • tinkle
  • football
  • computer

In 2012, millions of LinkedIn users had their usernames and passwords breached. This meant that accounts were hacked and cybercriminals sent messages and posted links from people’s profiles, causing their ‘connections’ on the site to click on infected links which may have contained malware or ransomware. Some reports suggested that as many as 170 million accounts were compromised.

A recent survey by found that 14% of 750 Americans are currently using “Covid-19” as part of their passwords!

Password best practice

Make sure to use different passwords for different accounts. Don’t use the same password at work that you use for personal accounts at home.

Current password guidance recommends that passwords should be made up of three or more random words strung together e.g. ‘coffeetrainfish’ or ‘walltinshirt’, with capital letters, special characters and random numbers mixed in e.g. ‘CoffeeTrainFish62#’ or ‘48!WallTinShirt’.

You must always ensure not to reuse passwords or have ones that are similar to your previous passwords. They should all be totally unique across systems and after a password change.

Avoid anything that hackers could guess or get hold of from social media, such as:

  • your name
  • favourite football team
  • recent holiday destinations
  • child’s name
  • your birthday
  • partner’s name
  • birthplace
  • pet’s name

If you suspect you’ve been hacked, change your password immediately. You should always use different passwords for every account, and never write them down or store them in a shared file.

Find out more on the NCSC’s website


View infographic as PDF

Password security infographic PDF (opens in new tab)

File type: pdf

File size: 2MB

Download this file
Concerns about fraud?

Contact our team of qualified investigators