NCSC urge users to ‘paws for thought’ over pet-based passwords

According to the National Cyber Security Centre (NCSC), such passwords can make it easier for hackers to force their way into people’s accounts by simply guessing common pet names. To prevent this, the centre has asked people to follow best practices by creating passwords using three random words to help better secure their online accounts.

It comes after a survey commissioned by the centre that found many people were using passwords made up of things which can be easily predicted, including a pet’s name (15 per cent); the name of a family member (14 per cent); a significant date (13 per cent), or a favourite sports team (6 per cent). It also found a further 6 per cent of people surveyed admitted they used the word 'password' as all or part of their password.

“We may be a nation of animal lovers, but using your pet’s name as a password could make you an easy target for callous cyber criminals,” said Nicola Hudson, NCSC’s director for policy and communications.

The study also found that more than a quarter of people had set up at least four new password-protected accounts in the last year, which the organisation said further highlighted the importance of using strong passwords, with more data than ever to protect.

Hudson advised users to visit cyberaware.gov.uk and follow the guidance on setting secure passwords, which recommends using passwords made up of three random words. “You can even use our 'Cyber Action Plan' tool to generate tailored, free-of-charge advice to improve your security against online attacks,” she added.

The NCSC’s Cyber Aware campaign also advises the public to use a strong, separate password for a user’s primary email account and to save passwords in a web browser to help with managing them.

Ian Pitt, CIO at software company LogMeIn, commented: “Using easily guessable passwords, such as a pet’s name or a favourite football team, is a sure way to see your details up for sale on the dark web. Online security risks have risen substantially over the past year, but employing basic password security practices will go a long way in keeping users secure.”

Pitt advises users to consider using long, randomly generated passwords that are unique to every single account and contain lower and uppercase letters, digits and symbols. “Simple solutions like password managers also kill two birds with one stone, as they can be used to both generate and store unique passwords for every log-in,” he added.