Seven password dos and don'ts

Listen to this article

Passwords can often feel like an annoyance but if handle them intelligently, they can build a sense of assurance. 

We recommend you start out by following our guide for creating a new password along with the advice below. 

1. Don't rely on a complex but short password

It used to be conventional wisdom to modify you existing password by replacing text characters with a few random characters. No more. Instead, keep using a few random characters but prioritise length. 

2. Do use a passphrase

12 to 16 characters, with a couple of symbols and numbers thrown in. Be creative and try make a nonsensical phrase that no one has ever heard of before. And don't use a password less than 9 characters in length. 

3. Don't write down passwords

You won't know who will have had access to them or where they may end up. And ultimately you won't feel secure until they're changed to something you haven't written down. 

Do not write your passwords on a sticky note attached to your computer monitor.

4. Don't store passwords in a file on your computer

Plain text or excel spreadsheet - don't use them. They're not secure, you won't know if they're copied to a different device or emailed to anyone, and you'll be in trouble if they're lost or corrupted. Use a password manager.

5. Do use a password manager

Password managers make life easier. You'll wish you started using one earlier. Our guide for starting out is available here

6. Don't share your passwords via email or text message

Once you send a password outside a manager or a login screen, it's difficult to know where it may end up. If you must share a password, use an encrypted channel (but these can be difficult to determine). 

In any case, if you've shared a password, it's a good idea to reset it once the other person is finished using it. 

7. Do use a shared password platform

In a business (or even family environment), sharing passwords securely can present a problem. Password managers and access management solutions can allow groups of people to share and use passwords securely every day. 

If you're searching for a suitable password management solution for your organisation, we recommend speaking with your Sentrian Client Services Manager. They will work with you to determine the best options available. 

Latest Articles

Small Business, Big Rules: Why AI Data Governance Is No Longer Optional

AI is the buzzword du jour, yet few Australian businesses realise just how quickly the rules around its use are tightening. With the federal government looking to introduce mandatory “AI guardrails”, the days of treating data governance as an afterthought, especially for smaller businesses, are fast coming to an end. If your business is experimenting with AI, or you just want to avoid regulatory whiplash, now’s the time to get on the front foot. Read on to demystify the reforms and learn how to prepare your business for the AI-enabled future.

ASIC lays the smackdown on FIIG Securities over failure to implement basic cyber security

ASIC’s lawsuit against FIIG Securities over “systemic and prolonged cybersecurity failures” is a wake-up call for all professional services firms, not just large financial institutions. The regulator expects even small and medium businesses to implement basic controls. Relying on size as an excuse no longer cuts it. Neglecting cyber hygiene exposes firms to legal, financial, and reputational risks. The message is clear: cybersecurity is a core business issue that demands executive oversight and regular attention. Proactive investment in IT security safeguards both compliance and future commercial opportunities.

Essential 8 vs SMB1001: Which Framework Is Best for Your Business?

Cybersecurity is no longer optional—but which framework is right for your business? In this blog, we compare the long-standing Essential 8 with the newer, SMB-focused SMB1001 framework. Learn the key differences in complexity, certification, and human-focused strategies so you can make an informed choice.

Subscribe to our Newsletter.

Join the Events & Alerts List

You’re signing up to receive event updates and important alerts. Stay informed and never miss out!

News & Event Invites

Link to Privacy Policy.