One2Call Blog

14 Password Policy Best Practices for 2020.

Nov 4, 2019 8:45:00 AM / by Danny Kirkby posted in pass phrase, password, security


Password policies have been around for a long time in business, but when was the last time you reviewed yours? Is it still fit for purpose? The online threat environment is ever-changing and it may well be that your password policy, and overall password vigilence, has never been so important to your business.

So here is our round up the 14 password policy best practices for your business in 2020

Read More

It's all about length - think 'pass phrase' not 'pass word' to increase online security.

Aug 10, 2015 4:45:11 PM / by Danny Kirkby posted in Blog, online, pass phrase, password, security


We all know length is important, and it turns out this is especially true when it comes to passwords.

  • Use sentences to make your password longer
  • The more nonsensical the phrase the better
  • Add the usual numbers and symbols to increase security further

It's one of those screens that makes your heart sink when you see it:

We're all creatures of habit, which is why using the same password across all your accounts (and maybe just adding a number at the end) is so tempting. But with crime increasingly moving online, improving your password strength is one of the cheapest ways to increase your online security.

And when it comes to increasing password strength, length is all important, as this article demonstrates clearly.

Which is why thinking of pass phrases - full sentences - instead of pass words helps improve security without necessarily making them less memorable.

One quick and simple way to do this is to put your existing password into a sentence.

For instance, if your current password is "Gazza90", this could be cracked by a normal PC in 14 minutes (via

If you then change that to "Gazza90scored100goals" it would now take the same PC 345 quintillion years to crack it. And I'm not even sure if a quintillion exists!

The more nonsense the phrase, or the more personal to you, the better as it make it less likely to exist elsewhere on the web, and therefore harder for the hacking software to guess. Then, adding in the usual random assortment of numbers and symbols adds an extra layer of complexity.

Remember, though, if it's so complex that you can't remember it, it's too complex. But too simple is also to insecure. Find a happy middle ground and you'll no longer dread the message "Your password is about to expire".

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts