Use this page to make sure you're getting the most out of using passwords.
Your charity’s laptops, computers, tablets and smartphones contain important and sensitive data. This could be personal information about your beneficiaries to details of your online accounts. This data must be available to you, but not available to unauthorised users.
Passwords are free, easy and effective. They prevent unauthorised users from accessing your devices. But there's a lot of confusing advice around. So stick to these principles that we learned from the National Cyber Security Centre.
Set a screen lock password, PIN, fingerprint or face unlock on your mobile devices.
Password protection is not just for smartphones and tablets. Make sure your laptops and computers are password protected as well.
You should also make sure to encrypt your computers. This is different from adding password protection. Most modern devices have encryption built in. Check to make sure it’s turned on and set up properly (configured). Follow the guidelines from your operating system (such as Windows).
Use two-factor authentication (also known as 2FA) for any of your accounts if you have the option. It adds a large amount of security for not much extra effort. Two-factor authentication requires two different methods to 'prove' your identity. Generally, this is a password plus one other method. For example, a code sent to your smartphone that you must enter as well as your password.
Strong passwords help to protect your charity’s valuable data. Make sure you tell trustees, staff and volunteers how to set secure passwords. Passwords should be easy to remember, but hard for somebody else to guess.
Your charity’s IT systems must generate a unique password for each user. The systems must not need trustees, volunteers or staff to share accounts or passwords.
Change all default passwords before distributing devices within your charity. Manufacturers set default passwords on equipment like smartphones and laptops. People often forget to change them.
Last reviewed: 02 March 2021
Help us improve this contentGet regular updates on NCVO's help, support and services