Secure passwords are your first line of defence against cybercrime. Choosing weak passwords that can be guessed easily or worse still - using the same password for all your online accounts can be a costly mistake to make.

login screen - Air IT support tips on strong passwords

This article from Nottingham based IT support and solutiona provider, Air-IT, will help you avoid common password pitfalls and stay safe online.

Password Do’s and ‘Don’ts



  • Choose a different password for each of your online accounts – a cyber criminal could easily take your account details from a website with low security and then use the information to hack into your bank and credit card accounts.
  • Make use of all the different characters on the keyboard – try using symbols and punctuation marks to replace certain letters and numbers, and mix capital and lower case letters. E.g. ‘jellyfish’ could become ‘J$lly22F!sH’.
  • Select a phrase or group of words that means something to you (and only you) – something that’s relevant to the website in question. E.g. for an online pet shop you could choose the phrase ‘My cat likes cheese’ and convert it to ‘mYc@TL!kesCh£ES$.’ If you can visualise the password, this will help you remember it.
  • Put recovery options in place in case you forget your passwords – many online accounts let you reset your password by sending a link to an email address, or a reset code to a mobile phone. So make sure your recovery email address and or/phone number are up to date. And if your account uses reminder questions to log in or reset your password, make sure you choose questions and answers that only you know and that aren’t in the public domain.
  • Change the passwords for your most important accounts every three months – set up an automatic reminder using the calendar on your computer or smart phone, to make sure you don’t forget.
  • Check the strength of your passwords before you set them up – there’s a handy password strength checker on the Microsoft website, so give it a try.


  • Settle for a short password ‘to keep things simple’ – a strong password will always have at least 10 characters, consisting of a mixture of letters, numbers, symbols and punctuation marks. The more variety, the better.
  • Make up passwords from sequences – don’t use sequences of numbers or letters, e.g. 12345678, or repeated characters, e.g. zzzzz. Avoid using adjacent characters on your keyboard, too, e.g. asdfg.
  • Choose dictionary words in any language to create a password – these can be easily cracked by cyber criminals. This rule applies even if the words are spelled backwards, contain common spelling errors or have been abbreviated.
  • Use any information about you that’s in the public domain to create your passwords – that includes the names of friends, family members and pets; significant dates such as birthdays and anniversaries; address details; phone numbers; and document numbers, such as your driving licence number.
  • Leave a written copy of your passwords lying around – it’s OK to write them down as a reminder, but keep the document locked away. Companies should keep user name and password information for business-critical applications in the company safe.

Need any help with your IT?

Air-IT is a leading Managed IT service provider committed to providing a range of first class services to local businesses in Nottingham, Derby, Leicester and across the Midlands.

Whether you wish to fully outsource your IT support or complement your in-house resources – we are here to help.

Please contact us today if you’d like to discuss your business IT needs further, or to book an ICT audit to find out how well your company systems are performing. Alternatively, find out more about gaining Cyber Essentials accreditation, and our cyber security services.