Our lives are filled with numerous online accounts, each demanding a unique password. This can quickly become overwhelming, leading many to resort to weak or reused passwords – a cybercriminal’s dream.
By Chris Harris – Chief Information Officer
Fortunately, there’s a simple yet effective solution endorsed by the National Cyber Security Centre (NCSC): the three random words method.
What is the three random words method?
This method involves selecting three unrelated, unfamiliar words and combining them to create a strong password. For example, “sunshinedogbicycle” is a password generated using this technique.
Why does this method work?
- Stronger passwords: Weak passwords are easily cracked, but longer, more unusual ones pose a much greater challenge for cybercriminals. The three-word combination naturally increases password length and complexity.
- Easier to remember: Complex passwords filled with random letters, numbers, and symbols are difficult to memorize and type correctly. The three random words are much easier to recall and use.
Why not use familiar words or patterns?
We often fall back on variations of familiar words, names, dates, or even reuse passwords across multiple accounts. While convenient, these practices are easily predictable and exploitable by cybercriminals.
Is ‘three random words’ more secure than a password manager?
No, password managers offer the strongest security by generating and storing complex passwords, but their adoption rate remains low. The three random words method strikes a balance between security and usability.
Is it okay to write down my password?
Yes, the NCSC acknowledges that writing down passwords can be a helpful strategy, so long as the written note is stored securely. You should also ensure that is does not directly reference the login it is associated with.
The three random words method is a practical and effective way to create strong, memorable passwords that protect your online accounts. Whilst it’s not the panacea to all password problems, it’s a simple yet powerful tool in the fight against cybercrime.
Need expert guidance on securing your business’s digital assets?
As a seasoned Chief Information Officer with extensive experience in IT security, Chris Harris can provide tailored solutions to protect your business from cyber threats. See the IT consultancy services we offer small businesses or contact us today to review how we can help you to tighten up your cybersecurity.
