Use strong passwords

Use strong passwords

Protect your IT account with a strong, unique password. Combine words, number and punctuation into a memorable phrase. In our example we’ve turned ‘no hackers welcome’ into ‘NohA(kEr$W3lc0me’.

There are simple rules you must follow when changing your password:
- Minimum of 12 characters long
- Do not re-use a password which you have used before

Passwords must include 3 of the 4 following:
- Include upper case letters (A-Z)
- Include lower case letters (a-z)
- Contain a numerical digit (1-9)
- Contain a non-alphabetical symbol (e.g. ! £ * ?)

For more information and to see the full list of permitted characters access this FAQ.

Each website and login you use should have a unique password. Consider using a password manager to help achieve this task. A password manager can also generate strong passwords for you and store them securely. To find out more about password managers visit this link:

Top Password Managers

You should set up multi-factor authentication (MFA) on your online accounts. Hundreds of big services provide MFA and the National Cyber Security Centre calls MFA
"the single best thing you can do to improve the security of your important accounts."

For more information, please see:

Learn all about multi-factor authentication (MFA)

The National Cyber Security Centre on password managers

Updated on 1 January 1970