Hello everyone,
While the amount of money stolen from us through scamming of one type or another continues to rise to extraordinary levels (£629 million in the first half of 2025 in the UK), I received the message below this morning and thought it might be a useful refresher to send round. Most importantly, it makes the point that some of the things we might have been advised to do in the past have now been overtaken, particularly in relation to the types of password we should perhaps think about using now as computers and their nasty operators become more sophisticated in their ability to obtain the information they want from us.
On another matter, while on the treadmill down at The Hangar earlier this morning, I was watching BBC Breakfast TV on the screen in front of me to distract me from the mind-numbing wall before me and the motivational signs and pictures of finely honed people that were displayed there. As an aside, I live in hope on that front although Jean comments that, as I’ve never been finely honed in all the years she’s known me, I shouldn’t get my hopes up at this late stage! Anyway, I saw that the BBC has just started its now-annual Scam Safe Week today and the webpage they have set up is very comprehensive with much handy advice, including a very useful quiz to see how scam savvy you might be – it does make you think. This webpage can be found at http://www.bbc.co.uk/scamsafe so check it out – it’s a veritable fountain of information.
Thanks,
Michael
Stop struggling with passwords and make them stronger
If you feel like you spend half your life clicking “Forgotten Password,” you are not alone.
For years, we were told to create complicated passwords like P@55w0rD!, change them every 90 days, and never write them down. The problem? That advice made things difficult for humans, but easy for computers to crack.
The guidance has changed. Here is how to make your passwords stronger and easier to remember.
1. Length beats complexity: Use “Three Random Words”
Computers are very good at guessing standard substitutions (like swapping an ‘a’ for an ‘@’ or an ‘I’ for a ‘1’). They are much worse at guessing length.
Instead of a short, complex jumble of characters, combine three random words together. Remember with passwords LONGER is STRONGER.
- Bad: Tr0ubl3! (Hard to type, difficult to remember, easy for hackers to crack)
- Good: RedHouseMonkeys (Easier to type, easy to remember, very hard to crack)
2. The Golden Rule: Don’t reuse your passwords
This is the most common mistake we all make. If you use the same password for your Facebook, your email, and your online shopping, a hacker only needs to crack one to access them all.
Think of it like a master key: if you lose it, you lose access to your house, your car, and your office all at once.
- If you can’t remember different passwords for everything, prioritize your Email and your financial accounts.
Your email account is the gateway to your digital life. If a criminal gets into your email, they can reset the passwords for all your other accounts. Give your email a unique, strong, “Three Random Words” password that you use nowhere else.
3. Let your browser take the strain
You don’t actually need to remember every single password for your many online accounts.
Most modern web browsers (like Google Chrome, Safari, or Edge) and many mobile phones will offer to save your password when you log in.
- Say “Yes” to this for all accounts other than your email and financial accounts. To be ultra safe you should still memorise those.
- It is much safer to have unique, complex passwords saved in your browser than to use “Password123” everywhere because you’re afraid of forgetting it.
- You can also use dedicated “Password Manager” apps, which work across all your different devices.
A CAUTIONARY NOTE – Don’t save passwords on shared devices. Only save them on a device that only you use and ensure that the device itself is secured, often by way of a PIN, fingerprint or facial recognition. This means that if anyone picks up your device, they cannot easily gain access to its contents.
Summary: Your 3-Step Action Plan
- Update your Email Password: Change it to Three Random Words combined together. LONGER IS STRONGER.
- Stop Reusing Passwords: Ensure your banking and email passwords are unique (not used anywhere else).
- Save Them: Let your browser / password manager or phone remember the rest of your passwords for you.
More information on improving you password security can be found here – Improve your password security – Stop! Think Fraud
Reporting
If you think you have been a victim of cybercrime, please report the incident to Action Fraud via phone (0300 123 2040) or via their website at https://www.actionfraud.police.uk
If you think you have lost money or given out sensitive financial information to scammers, immediately alert your bank / financial institution. Call them right away to inform them of the suspicious incident. You can quickly reach many UK banks’ fraud departments by calling 159.
If you’ve received a suspicious email, please forward it to the NCSC’s suspicious email reporting service (SERS) at report@phishing.gov.uk . Forward suspicious text messages onto 7726
