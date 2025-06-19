Hacker

Computer experts at Alex Davis PCs are warning Gmail and Outlook users to change their passwords immediately using a ‘passphrase rule’ following alarming research.

Kaspersky, a cybersecurity team, analysed passwords leaked to the dark web and found that 45% of the 193 million passwords were cracked in under a minute, with a further 59% decoded in under an hour. Around £1.4 million has been lost in the past year due to personal hacking.

In light of these concerning statistics, Connor Langton, Owner of Alex Davis PCs and Gaming Monitors, explains how users can secure their accounts properly with these simple methods.

“Many people don’t realise how easy it can be for cybercriminals to break into their accounts – until it happens. These days, attackers use advanced tools that can guess simple or predictable passwords in seconds, even if they include a few symbols. Passwords based on names, birthdays or common words are especially weak.

Gmail and Outlook accounts are prime targets because they’re often linked to everything from banking to cloud storage. If someone gets access to your email, they can trigger password resets on nearly every service you use. But this can easily be countered by using the ‘passphrase rule’ when creating a password, as well as several other precautions.”

Use this ‘passphrase rule’: “Try using a passphrase instead of a typical password. Rather than a short mix of letters and numbers, choose a phrase made up of several unrelated words – something like “table-jump-cloud-green!” This kind of phrase is far more secure and easier to remember. You can make it even stronger by swapping in symbols or numbers – like using ‘@’ instead of ‘a, or ‘3’ for ‘e’.”

Don’t use the same password for multiple accounts: “Never reuse the same password across different websites. It might feel like a time-saver, but it’s a major security risk. If one site gets hacked, your details could be used to access your other accounts – including your email, banking, or online shopping.”

Implement two-factor authentication for each of your logins: “Always turn on two-factor authentication where possible. This adds an extra layer of protection. Even if someone gets hold of your password, they’d still need a second code, often sent to your phone, to log in.”

Regularly update your login and account details: “Make a habit of checking your accounts regularly. Every few months, update old passwords and remove any apps or devices you no longer use. This helps keep your information safe, especially if a company suffers a data breach you weren’t aware of.”

Use autofill password options sparingly: “Be careful when using your browser’s autofill or saved passwords. It’s handy, but if someone gets access to your computer or phone, they might be able to see all your logins. A trusted password manager offers better protection and keeps everything in one secure place.”

What to Do If You Think Your Password Has Been Leaked

Change your password immediately: “The moment you learn your login details may have been stolen, act fast and change your password. Hackers use automated tools to test stolen credentials across many popular sites. If you reuse passwords, this puts your other accounts at serious risk.”

Create entirely new passwords: “Simply adding a number or symbol to an old password isn’t enough, hackers know people do this and can crack these variations easily. Always create a brand-new, strong password that doesn’t resemble the compromised one in any way.”

Take any data breaches seriously: “If you’re notified of a data breach, don’t ignore it. A breach in one place can expose other accounts, quick action is essential. If work credentials are involved, report it and consider enforcing password resets across your organisation.”

Enable two-factor authentication: “Using 2FA is an extra layer of security to your accounts. Even if a hacker gets your password, they won’t be able to access your account without the second step, usually a temporary code sent to your phone.”

Monitor your online accounts and banking: “Regularly review your online accounts, bank activity, and credit reports for anything suspicious. Look out for new accounts opened in your name or unusual transactions. Detecting any fraudulent activity can help you respond before serious damage occurs.”

Use a password manager: “A password manager generates and stores strong, unique passwords for every account. It removes the need to remember dozens of complex passwords and dramatically improves your overall security.”

