Happy National Pet Day! Paws-word change recommended as we celebrate our pets today.

On National Pet Day (11th April 2021), the NCSC is encouraging people to use three random words for passwords rather than the names of their pets.

As we celebrate National Pet Day today, Cyber experts have urged people to follow best practice by making passwords with three random words after revealing 15% of British people use their pet’s name to protect accounts.

Results of independent polling on behalf of the National Cyber Security Centre (NCSC), a part of GCHQ, was released ahead of National Pet Day on Sunday 11 April.

The survey of UK passwords showed they are often made up of things people can easily predict – such as their pet’s names (15%), family members’ names (14%), a significant date (13%) or their favourite sports team (6%).

6% of the UK admitted using ‘password’ as all or part of their password – meaning millions of accounts could be easily breached by criminals using trial-and-error techniques of common codes.

The cross-government Cyber Aware campaign recommends using passwords made up of three random words and saving these in an internet browser.

NCSC Director for Policy and Communications, Nicola Hudson, said:

“We may be a nation of animal lovers, but using your pet’s name as a password could make you an easy target for callous cyber criminals.
“I would urge everybody to visit and follow our guidance on setting secure passwords which recommends using passwords made up of three random words.
“You can even use our Cyber Action Plan tool to generate tailored, free of charge advice to improve your security against online attacks.”

In a sign of how important it is to secure accounts, 27% also revealed they now have at least four more new password-protected accounts than this time last year – with 6% reporting to have added in excess of 10 new accounts in the last 12 months.

Predictable passwords can be easily cracked by hackers, who could force their way into your accounts by simply guessing common pet names.

The Cyber Aware campaign advises individuals and organisations to follow the following best password practices:

  • Use a strong and separate password for your email. If a hacker gets into your email, they could reset your other account passwords and access information you have saved about yourself or your business. Your email password should be strong and different to all your other passwords.

  • Create strong passwords using three random words - when you use different passwords for your important accounts, it can be hard to remember them all.

  • Do not use words that can be guessed (like your pet’s name). You can include numbers and symbols if you need to. For example, “RedPantsTree4!

  • Saving your passwords in your web browser will help you manage them and can protect you against some cyber crime, such as fake websites.



Please report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to

Report SMS scams by forwarding the original message to 7726


The East Midlands Cyber Resilience Centre is non-for-profit and is Policing-led. We provide a range of affordable cyber resilience services with the very current knowledge and technical expertise from the UK's top university cyber talent. Our services help SMEs and therefore supply chain prepare and improve cyber resilience.

Sign up for FREE membership here.


The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.


EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.