The UK’s National Cyber Security Centre (NCSC) has published explicit guidance designed to support retailers, hospitality providers and utility services in protecting both themselves and their customers from the growing impact of cyber-crime. The guidance emphasizes the need to add extra layers of security on top of passwords, such as multi-factor authentication, OAuth 2.0 or single sign-on, FIDO2, or one-time passcodes.