Client Portal
With so many online accounts now in daily use, including banking, shopping, email and HMRC services, password security has never been more important. A weak or reused password can lead to fraud, identity theft, or unauthorised access to personal and business information.
A good first step is to use strong, unique passwords for every account. Avoid using the same password across multiple websites, as criminals often reuse stolen login details from one breach to access other accounts. Strong passwords are usually at least 12 characters long and do not rely on obvious words or personal information. Many people find passphrases easier to remember than random characters.
A password manager is one of the easiest ways to improve security. It securely stores passwords in an encrypted vault, generates complex passwords for you, and can warn you if you are using weak or repeated passwords. This means you only need to remember one strong master password.
Where possible, enable two-factor authentication (2FA). This adds a second step when logging in, such as a code from an authentication app or a prompt on your phone. Even if someone obtains your password, they may still be unable to access your account without the second factor.
Be cautious with password reset emails and links. Your email account is often the gateway to all other accounts, so secure it with a strong password and 2FA. Also watch for phishing emails and fake login pages designed to steal your details. If unsure, type the website address directly into your browser rather than clicking a link.
Finally, avoid sharing passwords by email or text message, especially in a business setting. Where possible, use separate logins for each person and restrict access appropriately.