Skip to main content Skip to search

Archives for Cyber

Password symbol

Top 5 tips for using a password manager

Passwords, we all have more that we care to admit. With every online service, telephone service and device requiring one of those pesky words, our lives are littered with them. It is best practice to have a unique password for each account, but how do you remember so many? Check out our Top 5 tips for using a password manager!

What is a password manager?

Before we start our Top 5 tips for using a password manager, let’s summarise password managers.

Password managers are secure vaults for all of your passwords. In the simplest form, it is no more than that. You typically have one strong password, the “master password”, that unlocks the vault. Once the vault is unlocked it gives you access to all of your credentials. Good password managers will allow you to:

  • Generate secure passwords.
  • Notify you if/when a password has been compromised.
  • Prompt you to change duplicate passwords (which of course, you have none!).

For all their great features, a password manager does of course come with risks. Their usage should be proportionate to the risk of the credentials being leaked. We know that every account should have its own strong password (until a passwordless society becomes the norm), but how many of those are highly confidential accounts? Which do you care about the most? Your bank account password being known only to you, or your Netflix account.

We will explore some of the risks associated with password managers in a later post. For now, let’s focus on the Top 5 tips for using password managers.

Top 5 tips for using a password manager

Here is Accelita’s Top 5 tips for using a password manager. Remember, password managers are not the only defence against credential compromise!

1. Use the password generator to generate strong passwords

Most good password managers come with the ability to generate strong passwords. The definition of a strong password is often a topic of debate, however many people converge upon a similar theme. The National Cyber Security Centre (NCSC) guidelines are to use three random words.

Create passwords using three random words. You just put them together, like ‘coffeetrainfish’ or ‘walltinshirt’.

2. Create accounts linked to domains

Passwords should be unique, and each service is likely to have its own website address. Password managers allow you to create accounts/logins; combining the username, password and website address (URL/domain name). Entering the website address with your password entry will help reduce the chance of you being tricked into entering credentials into a cloned site. Attackers are clever, they will lure you on to a site they control, often looking identical to the authenticate site and with a very similar domain name (think as opposed to

If you have entered a website address against a login, but navigate to a fake site, the login you would normally use won’t be displayed in the list of suitable options. This is just one simple, subtle, hint for you to check you are where you think you are.

3. Ace the master password

Great, you have your password manager containing all your passwords. But, then you set the master password as “password1”. Doh! Now attackers have access to all of your accounts, not such a wise move. Following the guidance in Tip #1, set a strong master password, and don’t share it!

4. Maintain good account hygiene

You will find over time that the number of accounts you have in your password manager is growing beyond belief. Starting with 1 or 2 and often reaching hundreds in a matter of months, it is quite scary just how many services we are signed up for. Think of all of those people you have shared your details with.

Just as you would spring clean your house, take time to maintain your online footprint. Look through the list of accounts in your password manager and ask yourself, “do I still use this?” and “what value does this account bring me?”. If you don’t need it, close the account. You have a right to be forgotten and companies shouldn’t be storing data any longer than needed, so close the account and remove the risk. Why loose personal details through an attack on a service you no longer use?

5. Use two/multi factor authentication

Passwords are only part of the authentication solution. Passwords can be broken, stolen, or simply guessed. Using a secondary form of authentication such as a unique code generated on your phone, a one time password sent via SMS, or a hardware dongle (take a look at Yubico) adds in a second line of defence. Again, the NCSC has some great guidance on this.

Want to read more?

The NCSC have lots of great guidance on staying safe online. In fact, they even have their own post about password managers. Whilst you are here, why not continue your journey and see what the NCSC have to say?

Read more
Cyber security

Introduction to Cyber Security

Cyber Security knowledge begins with an Introduction to Cyber Security. Cyber is a developing industry and a growing concern for many. As a result, there is a diverse resource set available across the Internet, recommendations available in printed material and recorded guidance embedded within video platforms. It is now more important than ever to ensure you embed well founded Cyber Security knowledge throughout your business.

At Accelita we take pride in our desire for continuous development. To this end, we took part in The Open University course, Introduction to Cyber Security. This course covers the basic principles we should know as consumers, members of the public and professionals. The course provides definitions and case studies for all those scary tech words we hear in the news. You are walked through common steps to mitigate cyber security risks and challenged to think outside the box.

"Well founded Cyber Security
knowledge is essential"

The Introduction to Cyber Security course provides a fantastic starting point, but Cyber Security is a forever changing landscape. A host of reputable, cost effective, solutions are available to help further knowledge in this area.


Focused on those who are technically minded and like to get stuck in. This is a great platform providing free courses for everyone. We have used Cybrary for a number of training activities. Knowledgable instructors, extremely mature content and fantastic scope make this platform great.

See more at Cybrary.


Pluralsight is more than just a training platform for Cyber Security topics, it is an enterprise ready platform for a multitude of technical topics. Investing in Pluralsight provides organisations with an overview of employe engagement and learners with an array of well structured courses.

See more at Pluralsight.


At Accelita we currently provide Cyber Security awareness training to personnel across the organisation. Rather than delivering technically focused content, we discuss the steps that everyone can take minimise risks to the business and yourselves.

See more at Accelita.

Read more