Signing up for a new service nowadays often prompts the user to create a password that is a certain length, and that it includes specific characters in order to make it a 'strong' password. However, Britain's security services have said that this will do little to protect you from being hacked by cyber-attackers.
Instead of complicated passwords being a frustration to attackers, CESG - the Information Security arm of GCHQ - has said that this only makes the user's life more complicated.
The guidance reads: "Password guidance - including previous CESG guidance - has encouraged system owners to adopt the approach that complex passwords are 'stronger.' However, complex passwords do not usually frustrate attackers, yet they make daily life much harder for users. They create cost, cause delays, and may force users to adopt workarounds or non-secure alternatives that increase risk. This guidance … advocates a dramatic simplification of the current approach at a system level, rather than asking users to recall unnecessarily complicated passwords."
Raj Samani, a chief Technology officer at Intel Security explained to The Telegraph why the simplification of passwords could improve security: "By having complex passwords individuals would find methods to remember them and those mechanisms could lead to security vulnerability. What a lot of people will do is simply write that password down. We have lots of examples of computer hackers who will try to extract that information by manipulation."