Having a strong password
This article contains information & advice regarding risks that do not appear on the Risk Register.
Why it’s important to take special care of your email password.
We're often told that the passwords to access our online accounts should be really strong, and not to use them anywhere else. This is especially true for the password for your email account. If you've used the same password across different accounts, cyber criminals only need one password to access all your accounts.
Always use a strong and separate password for your email; that is, a password that you don’t use for any of your other accounts, either at home or at work.
If a criminal can access your email account, they could:
- access private information about you (including your banking details)
- post emails and messages pretending to be from you (and use this to trick other people)
- reset all your other account passwords (and get access to all your other online accounts)
Having a strong and separate password for your email means that if cyber criminals steal the password for one of your less-important accounts, they can’t use it to access your email account. The National Cyber Security Centre encourages people to use password managers, which can create strong passwords for you (and remember them).
If you have re-used your email password across other accounts, change your email password as soon as possible. It should be strong and different to all your other accounts.
Ideally, you should use unique passwords for all your important online accounts (such as banking accounts, shopping/payment accounts and social media accounts), not just your email account. You should also provide additional protection by setting up 2-step verification (2SV) on your email account, which will prevent a criminal from accessing your email account even if they know your password.