Charitable organizations handle sensitive information every day. We manage donor databases, staff records, online banking credentials, and more. We work hard to steward these resources well, but many of us overlook one of the simplest and most critical lines of defence: strong passwords.
Hive Systems has released its annual Password Table for 2025, showing how quickly different types of passwords can be cracked using today’s technology. The difference between a secure password and a vulnerable one isn’t measured in years—it can be seconds.
Why This Matters for Charities
While we may not consider ourselves high-profile targets, Christian charities are far from immune to cyber threats. Bad actors don’t always discriminate; they look for weak points. Reused or weak passwords are, unfortunately, one of the most common vulnerabilities in any organization.
A compromised account can lead to:
- Unauthorized access to donor or financial data.
- Fraudulent emails are sent in your name.
- Loss of trust with your community.
“But I’ve Never Had a Problem…”
That’s what most people say—until it happens. The truth is, cyber threats don’t always look dramatic. Many data breaches happen quietly, often going unnoticed for weeks or months. If your passwords are easy to guess or if you use the same one across multiple accounts, your risk increases significantly.
What Makes a Good Password?
A strong password is:
- Long – aim for at least 12–16 characters
- Unique – never reused across accounts.
- Random – not based on your pet’s name, birthday, or anything guessable.
- Memorable – something you’ll remember but isn’t obvious to others.
Some of my best passwords are movie or TV quotes. They’re certainly long enough, and they include capitals and lowercase letters. Spaces count as special characters for most websites these days.
A password manager app is your best bet for keeping track of strong passwords. These tools store your credentials securely and can generate complex, random passwords for each site you use.
Note: While saving passwords in your browser may be convenient, it’s not secure. Browsers store them in plain text, making them vulnerable if your device is compromised.
What You Can Do Today
- Audit your passwords
Take some time to review your most important logins—email, donation platforms, cloud storage, etc. Are the passwords strong? Are they reused? Are they written down on a Post-It stuck to your monitor or under your mouse pad/desk mat? - Change any weak or reused passwords
Use a password manager or write down your passwords temporarily and store them securely until you can move to a better system. - Encourage your team to do the same
Good password habits only protect you if everyone’s on board.
Stewardship Includes Cybersecurity
As stewards of our organization’s resources and relationships, we’re called to guard what’s been entrusted to us—not just in the physical world but also online. Let’s not leave the door unlocked.
Share this post
