How to set stronger company passwords for 2025

SMEs (small to medium sized enterprises) in the UK seeking to improve cybersecurity can start the new year with an overhaul of passwords in use.

Enterprise owners can ask how long they have been using the same passwords, who has shared them and how robust they are – but what exactly makes a strong password?

Length matters for passwords. Experts advise aiming for between 12 to 14 characters (or longer if possible) to make them tough to crack, and never using common phrases or personal information as inspiration.

Use of birth dates, pet names or even favourite football teams make passwords guessable when cybercriminals study your socials.

Passwords selected should differ substantially from their predecessors – simply adding another number to the end is a recipe for disaster. To stop staff writing passwords down where they become vulnerable, ensure they are easy to recall yet impossible to guess. Try creating a phrase with multiple words using a mix of lower- and upper-case letters and symbols in an order that is memorable for your team, but likely to thwart threat operators.

Remember to never use the same passwords for several accounts and access points to avoid widespread intrusion if credentials get exposed. It’s also worth considering activating multi-factor authentication (MFA) to generate a further layer of defence to email accounts, servers and data storage solutions.

For expert advice on cybersecurity for business or acquiring Cyber Essentials certifications, get in touch with our team at 127 Solutions and keep your data and systems safer in the new year.