Per Thorsheim, Strawberry’ Security Manager, is a world-renowned authority in network security and passwords. Here he gives his 6 best tips to improve your online security.

Strawberry editor Stephanie Owusu interviews Per Torsheim.


In 2017, Per Thorsheim became our security manager, but before that he had a long and successful background in the industry and is considered one of the world’s leading security and password experts. He is also a course leader, lecturer and founder of the world’s largest password conference: PasswordCon.


Passwords and authentication concern everyone


Per says he has never come across an IT issue that daily affects people as much as passwords and authentication.


– Think about it: how often do you check your phone during the day and enter a code? Or how many times do you log in to different accounts with passwords? How many times have you forgotten your password, and been forced to click on ”Forgot Password?” asks Per.


Can he guess my password?


Before the interview begins, Per asks me:


– Don’t tell me your password, but I guess that it probably consists of 8 letters, maybe a few more. It is quite likely that the first letter is a capital and the rest are lower case. The last two or four digits are probably a number, probably based on a date or year, says Per and continues:


– Your password is most likely to be something personal to you, such as a name or nickname and maybe the year that you, or someone close to you, was born?


Per hit the nail on the head. Without revealing anything, I became aware of how easy it is to figure out other people’s passwords, if you know about the password formula, of course.


How we as a hotel company work with online security


– When it comes to IT security, we at Strawberry do what most companies do. We use a combination of technical features (firewalls, antivirus software, etc.) and employee training. It’s important for me to make employees aware of password usage and general internet security, says Per.


Per Torsheim’s top tips for surfing safely


1. Long passwords are better than short ones


First, Per shares a simple tip for creating a secure password: find something that’s easy to remember, personal, preferably a positive experience from your life which you won’t forget.


– If you create a long and safe password, you are on the right track. When people ask me what a good password is, I say they should write a sentence. It does not matter how long it is, because a sentence often contains several words. There are also the spaces between words, and often upper case letters and other special characters such as commas, punctuation marks, and exclamation marks are included.


2. How to remember your password


– A password should be easy to remember, but hard for others to figure out. I recommend that your password be written as a sentence with letters, spaces and special characters. Feel free to choose a positive experience from your life that you remember well, for example: ‘I enjoyed my vacation in the summer of 2013!’


3. What to avoid when choosing a password


  • NEVER use the same password for several different internet services.
  • Keep the passwords you use at work and at home separate. Never use the same passwords for both.

4. Write down and save your password at home


Memorise the passwords you need every day – the rest you can write down and have at home (but don’t keep passwords in your wallet). If you have completely switched to digital, you can use Password Manager, an app that stores your passwords for you.


5. Don’t change your passwords too often


Per offers a piece of advice that goes against what you often read – DON’T change your password too often:


– Up until 2012, I might have recommended changing your password once a year, but there is no good argument for that anymore,” said Per. “In fact, it negatively impacts productivity when it comes to your job, and only creates extra work when you are forced to change your password often. You can’t think of something new and creative, so you forget it. But, of course, you should always change your password if it has been hacked.


6. Be critical and avoid things that seem too good to be true


– Here I’d like to return to that classic saying that if an offer is too good to be true, then it probably is, says Per, continuing,


– Luxury products at a 70% discount? An iPad for 1 SEK? It never happens and will probably never happen in the future either. Avoid appealing, limited-time deals that are sent to you by email, over the phone and on websites with highly discounted prices, concludes Per.




Per Thorsheim


Per Thorsheim expert of passwords


Age: 46


Title: Security Manager, Strawberry


Background: The world’s leading password expert, now working as Security Manager at Strawberry. Has been involved in password and IT security as both work and a hobby for over 18 years.