info@sslpost.com
+44 (0) 333 444 3425

Good practice tips for passwords – Why MrScratchy can be a security risk

Good practice tips for passwords

Passwords are a vital element of keeping your information safe online. When you think about how much information would be available to someone with access to them, you start to realise how important they are. Imagine throwing open the doors to your house and inviting everyone to come in and rummage around in your personal belongings and private information. Horrible thought, right? Bad password security is exactly like doing just that and having all your data, from credit card details through to personal information, available to anyone who knows them.

Here is a scenario that happens way too often. You go to access an old online account that you haven’t used since 2005. You can’t remember the password, so you type in the name of your pet rabbit as usual, and you are in. Because you always use ‘MrScratchy’ (or a handful of others) as your passwords, you never forget them. That way, you only need to remember 4 or 5 different passwords and reuse them so you can always get into your accounts. The problem is, so can anyone with a small amount of knowledge and the right software. You are using a password that breaks several basic security rules and has probably been stolen several times from various breaches over the years.

We should all know about security by now, but according to Google/Harris Poll survey, despite 69% of people giving themselves an A or B grade for online security, 52% of us reuse passwords and even more worrying, 13% use the same password for all accounts.

Here are a few basic rules to follow when it comes to keeping your passwords secure and your data as safe as possible:

  • Don’t use personal information. The names of your children, pets, favourite holiday locations/films/singers and similar are not a good idea. Neither is just changing the same information to contain equivalent looking numbers instead of letters. MrSc@tchy as a password will be hacked almost as quickly as the original name.
  • Make them longer. Yes, it is easier to remember shorter ones, but that means they are also easier to hack. Try to make them longer and include special characters and numbers.
  • Think about your social media content. Get the security levels right on all your social platforms and avoid responding to the ‘Post the name of a beloved pet’ or ‘Who can remember the name of a favourite teacher’ style posts. You are just putting potential passwords in the public domain.
  • Many so-called ‘hacks’ are a result of human error or phishing scams. There is a very simple rule to follow about passwords – Under no circumstances share them with anyone, no matter how much it sounds like it is safe. Assume that anyone asking for information is not legitimate unless you are 100% certain they are safe.
  • Change them regularly. Passwords are stolen on a regular basis. Even huge names in the tech world such as Adobe, Facebook and eBay have lost data to infiltration in the past. Changing your password is a simple way of really increasing security. Please don’t rotate them, though. Going back to a previous password is not a good idea.
  • Two-factor authentication. It may be a bit of pain sometimes but 2FA ensures you are who you say you are when you log in.
  • Passwords are supposed to be secret so keep them that way. Never give them out and never text them or send them in a messaging app.
  • Windows and other access points still need good security. Don’t be lulled into a false sense of security by your own devices. Just because you are logging into windows or macOS on your own machine doesn’t mean that you don’t need a strong password. Once someone is logged into your machine, they have access to everything, so a strong password is vital.
  • Get a password manager on all your devices. These nifty little helpers generate strong passwords and then securely hold on to them for you. They encrypt all the information so it is as safe as possible.


Passwords are both one of the strongest and weakest parts of any security system. If they are done right, then it takes a very sophisticated, high-level criminal to get past them. On the other hand, if you don’t do them right, they can be accessed with software that is freely available. To put things into perspective, it is estimated that at least 1 million passwords are stolen every week. That makes it pretty clear why security is so important.

Contact Us