Locking the Front Door (Passwords & MFA)

Written By Tristram Ridley-Jones

Imagine if every key to your office was identical, and you gave a copy to everyone who ever visited. That is what happens when we share passwords or use "Church123" for everything.

The vast majority of cyber breaches aren't caused by sophisticated hackers typing green code into a black screen like in the movies. They happen because someone guessed a weak password or used a password stolen from another site.

The Death of "Password123"

If you use the same password for your personal Netflix and your Charity Email, and Netflix gets hacked, the criminals will try that email/password combo on every other site they can find. This is called "Credential Stuffing."

  • Rule 1: Never reuse passwords.

  • Rule 2: Use "Three Random Words" (e.g., Purple-Gazebo-Toast) to create long, memorable passwords.

The Game Changer: MFA (Multi-Factor Authentication)

This is the single most important technical advice in this entire series. MFA (sometimes called 2FA) means you need two things to log in:

  1. Something you know (Password)

  2. Something you have (A code sent to your phone)

Think of it as a digital deadbolt. Even if a thief steals your key (password), they still can't open the door without your phone.

Your "Easy Win" for Today

Log into your organisation’s primary email account (Gmail, Outlook, etc.) right now. Go to settings and turn on "2-Step Verification" or "Multi-Factor Authentication." It takes two minutes and makes you significantly safer instantly.

Tristram Ridley-Jones
Previous

The Art of Spotting a Fake (Phishing)
Next

Why Cybersecurity Is Modern Stewardship