Make online life easier – even cyber spies can’t recall passwords
Boss of new national security centre criticises complicated process to access internet accounts
By IT IS one of the frustrations of modern life: the need to recall an ever-growing list of internet passwords.
But those who struggle to remember which combination of their pet’s name, birthday or football team unlocks their online accounts can now take heart – so do the country’s top cyber spies.
The head of Britain’s new National Cyber Security Centre (NCSC) has admitted that even his “best people” would not be able to remember all the lengthy passwords that internet companies demand and that he would struggle to recall them all himself.
Ciaran Martin said internet companies must make it easier for people to use the internet safely.
He said that the NCSC has recently determined that demands for regularly changing, long passwords using numbers, capital and lower case letters, mean people are effectively being asked to memorise a new 600-digit number every month under the official guidelines.
Mr Martin also criticised websites that bar people from being able to paste their passwords online, saying it was “completely pointless” and actually damaging security.
Mr Martin, speaking as the NCSC was officially opened by the Queen, said: “We have got to make it easier for people to operate safely.
“We worked out what we were asking every British citizen to do is memorise a new 600-digit number every month.
“I don’t think I could do that, none of my best people could do that.”
He recommended that people should use password managers to handle their security. “There are password managers out there, there are ways you can look at your exposure online, you can work out what you really care about,” he said. Password managers are programs that can encode all the passwords a user needs for different websites, using a single login.
Ian Levy, the technical director at the NCSC, said asking members of the public to remember so many passwords was “dumb”, but that password manager programs made life “so much easier”.
He said: “That’s the short-term answer to make the current pain go away. If you’ve got a vault of all your passwords, you need to remember one. It syncs across all your devices.
“We are about to publish guidance on how to select a good password manager.”
Mr Martin said there had been a “step-change” in cyberattacks by Russia against the West since 2015.
He said there was also concern about cyber security from British political parties after American intelligence agencies said Russia carried out hacking attacks on the Democrats to try to sway the presidential elections.
Mr Martin said political parties had made approaches to the NCSC to see if they could get advice on security.
He said: “There’s talk about it. We’ve had some approaches and we would expect to be offering seminars and that sort of thing in the future.
“We expect to be asked and we will be happy to.”
Protecting the electoral and democratic systems was “up there with the top priorities”, he said.
The NCSC, which is part of the Government electronic spy agency GCHQ, will spearhead Britain’s efforts to fend off cyber attacks.
Speaking at the launch event, Philip Hammond, the Chancellor, said cyber attacks were increasing in frequency, severity and sophistication.
He also warned that households around the country were vulnerable.
“The average British home has eight devices connected to the internet,” he said.
“This provides enormous potential for day-to-day attacks, from electronic data theft to online ransom.”