Skip to main content

Password Policy Guide

Strengthen your account security with strong passphrases instead of short passwords. Learn best practices for creating secure, memorable logins that meet global data protection standards and keep your property and personal information safe.

James avatar
Written by James
Updated over a week ago

Passwords are your first line of defense against unauthorised access to your devices, accounts, and personal information. In the property technology (PropTech) sector, where systems manage sensitive data such as client details, property records, and inspection reports, maintaining strong password hygiene is essential for privacy and compliance.

Why Strong Passwords Matter

As technology evolves, so do the methods used by cybercriminals to gain access to systems. Traditional short passwords or simple PINs are no longer sufficient to protect against automated attacks, password reuse breaches, and credential stuffing.
To safeguard your data and meet international security standards (such as GDPR and ISO 27001), it’s vital to use complex, unique, and secure credentials.

What is a Passphrase?

A passphrase is a longer sequence of words, numbers, or characters that serves as your login credential—similar to a password but significantly stronger.
Passphrases are easier to remember than random combinations yet harder for attackers to crack.
For example:

  • Weak password: Summer2024!

  • Strong passphrase: BlueHorseJumps!Over13Walls

Recommended Passphrase Guidelines

When creating or updating your password, follow these best practices:

Guideline

Recommendation

Why It Matters

Length

Use a passphrase with at least 8–12 characters (the longer, the better).

Longer passphrases are harder for attackers to guess or brute-force.

Character Diversity

Include characters from two or more of these categories:

• Letters (A–Z, a–z)
• Numbers (0–9)
• Symbols (!@#$%^&*() etc.)

Combining character types increases complexity and reduces risk of automated guessing.

Uniqueness

Create a different passphrase for each account or platform.

Prevents one data breach from compromising multiple systems.

Avoid Predictability

Don’t use personal details like your name, address, or company name.

Attackers often use public info to guess passwords.

Password Updates

Change your password only if compromised or suspected breach.

Frequent changes can lead to weaker habits; focus on strength and MFA instead.

Multi-Factor Authentication (MFA)

Enable MFA wherever available.

Adds an extra layer of protection beyond your password.

General Best Practices

  • Use a reputable password manager to generate and securely store your credentials.

  • Be cautious of phishing attempts or messages requesting login details.

  • Lock your device when unattended, especially in shared environments.

  • Regularly review your account’s access and permissions.

Did this answer your question?