The latest advice from the National Cyber Security Council (NCSC) is that websites - particularly e-commerce sites - should allow customers to cut and paste passwords to access their accounts.
At the moment, many website developers prevent users from copying and pasting passwords during the log-in process, in the assumption this provides an additional element of security.
But according to the NCSC, consumers who are forced to use increasingly complex passwords, are likely to repeat the same phrase across multiple sites, weakening the overall security if one password is compromised. An NCSC spokesperson commented:
“The main reason why password pasting improves security is because it helps to reduce password overload. Allowing the pasting of passwords makes web forms work well with password managers.”
Password managers are software (or services) that choose, store and enter passwords into online forms for you. The NCSC believes that password managers can prevent this user overload and it also eliminates the risk of entering an incorrect password and getting locked out.
The biggest downside to a password manager is if a phrase is breached then other accounts become more vulnerable to fraud. But without password managers it would be pretty much impossible to remember all your passwords. If you re-use the same password, or slight variations of it, this leaves your accounts vulnerable. Some users also fall into the trap of deciding that a simple or easy to guess word is less hassle as the chances of them being hacked are very slim – but not always true!
For better online security, the NCSC advise:
· Install any software updates as they are made available
· Back up all your data
· Use three strong random words to create stronger passwords
· Turn on two factor authentication, if it is available. Many banks use these now.
· Save passwords in your browser
· Update your devices
For more information have a look at our password infographic here
If you are a business based in the region and would like to talk to an expert about online security contact the NEBRC today at: email@example.com