Prioritise longer passwords and password managers says cybersecurity expert

During the Covid-19 crisis, the risk of being hacked is higher than ever. With that passwords come under the cybersecurity spotlight. Hal Lonas, Chief Technology Officer at cybersecurity company Webroot, says that one essential step people can take is to use longer passwords.

It’s not a new imperative, of course, before Covid-19 the same applied. The issue has just become more a fire. More people are working from home and accessing password-protected business accounts outside of the office.

As a result, “0pportunistic cyber attackers are on high alert to take advantage of this,” says Hal Lonas.

He added that this means “users need to be even more careful with their passwords than usual. Businesses also need to play their part to ensure strong cyber hygiene is in place and that individuals remain vigilant. This begins with security awareness training and ensuring that strong password policies are in place.

“Password cracking software does not discriminate by characters used, but instead length makes it more difficult to hack. Therefore, staff should be encouraged to prioritise longer passwords over the inclusion of special characters and numbers.

“Encouraging employees to use a password manager makes it easier for them to use different passwords across websites, further aiding security.

“Also, too frequent password rotation also causes problems, as people tend to use easier-to-guess passwords if you force them to change too frequently. Requiring a password change every 30 days, therefore, may actually cause more problems than it solves.

“Putting these password policies and training measures in place, alongside cybersecurity technology such as email filtering and anti-virus protection, will help businesses take great strides towards cyber resilience – important now more than ever as they rely on remote workforces.”

Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered.