New advice suggests long passwords are not necessarily more secure

Tuesday, September 22, 2015 - 09:50 by Mike Price

Although many online security experts have argued that people need to make their passwords longer and more complicated, a new warning from government specialists has suggested that, in fact, this approach may not be as effective as is claimed, according to the Telegraph.

Advice given by a department within GCHQ has indicated that it may be better to make people choose passwords that are simpler and easier to remember, as hackers have ways of exploiting the longer, more complex phrases that are being created by conscientious people at the moment.

The government specialists admit that in the past they too have advised people to use lengthy words, or mixtures of characters and symbols, to protect accounts. But now it is suggested that the complexity is actually a bad thing, since it means users may be forced to use insecure ways of remembering these passwords.

If, for example, someone keeps their passwords written on post-it notes pinned to their desk or computer display, anyone wanting to get access to an account could easily get hold of this information.

And for those who want to carry out safe shopping online without having their personal information compromised, the suggestion is that it is better to think of a memorable password rather than one which can easily be forgotten and so needs to be written down.

Of course, the government is talking specifically about the approach that it recommends its employees take in order to safeguard sensitive information. But the same thing is true for average consumers and especially for those who truly want to carry out safe shopping online without being at risk of a hack.

People should not resume using basic passwords, such as pet names or birth dates, but this advice suggests that picking several words which are easy to remember is better than using the random approach previously encouraged.