Security Resources
A curated list of 20 trusted internet security resources. These cover passwords, phishing, data protection, and web security from recognised organisations including the UK NCSC, ICO, OWASP, and NIST.
UK government and public safety
Official UK government advice on staying secure online, covering passwords, software updates, and two-factor authentication.
The NCSC's recommended approach to creating memorable but strong passwords using three random words.
Guidance from the NCSC on why and how to use a password manager to keep your accounts secure.
How to report suspicious emails to the NCSC. Forward phishing emails to report@phishing.gov.uk.
Report fraudulent websites to the NCSC so they can be investigated and taken down.
The official GOV.UK page for reporting phishing emails, text messages, and suspicious websites.
Report phishing attempts to Action Fraud, the UK's national reporting centre for fraud and cyber crime.
Free expert advice on online safety for individuals and small businesses in the UK.
Practical password advice from Get Safe Online, including tips on creating and managing strong passwords.
A tool to check whether a website is likely to be legitimate or potentially fraudulent.
Privacy and data protection
The UK Information Commissioner's Office guidance on information security under the UK GDPR.
Practical steps from the ICO to help small organisations keep their IT systems safe.
Developer and web security
The most critical web application security risks, maintained by the Open Worldwide Application Security Project.
Best practices for securely storing passwords, including hashing algorithms and salting techniques.
Guidance on implementing secure authentication in web applications.
The US National Institute of Standards and Technology guidelines on digital identity and authentication.
Password guidance from the US Cybersecurity and Infrastructure Security Agency.
A free tool to scan your website's HTTP headers and check for security best practices.
Useful tools and standards
Google's data on unsafe websites, including phishing sites and malware distribution.
Check whether a password has appeared in a known data breach. Created by security researcher Troy Hunt.
Visual check for common and predictable 4 digit PINs. Runs locally in your browser.
PINs and device security
UK government guidance on passwords and PIN advice.
Advice on keeping your phone and PIN secure.
What to do if someone knows your PIN or you suspect fraud.
Research background on how common certain 4 digit PINs are (Nick Berry).
External links are provided for convenience. We do not control third party sites.
Last updated: 14 February 2026