National Cyber Security Awareness Month: Password Safety
Oct. 12, 2015
October is National Cyber Security Awareness Month (NCSAM). Originally created as a collaborative effort between government and industry, NCSAM aims to help ensure every American has the resources they need to stay safer and more secure online. 2015 marks the 12th year of the program. For each week during the month, Webster University’s Information Technology department will highlight a topic that will help to educate and arm the community against online threats.
As more of our daily lives migrate to an online medium (banking, shopping, social networking, etc.), account security has become increasingly important. Fortunately, there are steps you can take to secure your accounts and prevent unauthorized access, starting with your passwords. Review these guidelines for keeping your online accounts safe.
1. Don’t use the same password for multiple accounts.
You may have one really complex password but if you use it for all your accounts, it takes one compromise for all your accounts to be compromised. By using different passwords for different account, you make it more difficult for others to access your account.
2. Create strong, complex passwords and passphrases.
Passwords are the weakest form of security, but are commonly used to secure access to IT systems because of cost effectiveness. The more complex you make a password, the longer it would take a malicious user to correctly determine the password to gain access. Passphrases may be longer than passwords but are easier for you to remember.
3. Change your passwords on a regular basis.
Set a password changing schedule. Some security experts suggest changing passwords on sensitive accounts every 30-60 days. (How often do you change your banking account password?) At the least, consider changing passwords every 6 months.
4. Understand what makes a password vulnerable.
- Mistyping your password into the username field. When you do this, you've just sent your password to the Internet without any encryption. The moment this happens, change your password!
- Avoid using birthdays, anniversaries, names of family members, street address, etc.
- Storing your password on your computer/smartphone.
- Using complete words.
- Using repetitive characters.
- Using any of the popular passwords.
- Using the same password across multiple accounts.
- Writing down your password. Sometimes, the variety of passwords and accounts you need to maintain makes this impractical. If you must document your passwords, protect them like you would your money.