P@55w0rdS! – Cyber Security Awareness Month 2017
Categories: Information Security Uncategorized
Creating secure passwords is critical to protecting your online accounts, your personal data, and your identity. October is National Cyber Security Awareness Month, and it is a perfect time to review your passwords!
Through websites and smartphone apps we shop, read email and scan social media sites, review credit card transactions, and check bank accounts. In the process, we create and maintain a number of passwords. Today’s news of companies whose databases of stored passwords are compromised quickly reminds us: no password is unimportant!
We are encouraged to create secure passwords, but what constitutes a secure password? According to Google strong passwords contain a mix of letters, numbers and symbols. “An eight-character password with numbers, symbols and mixed-case letters is harder to guess because it has 30,000 times as many possible combinations than an eight-character password with only lower case letters.”[1] But it may be a challenge to remember each unique password! If you create password from a mix of random characters, you may find yourself writing them down to ensure you don’t forget it. StaySafeOnline[2] recommends to “focus on sentences or phrases that you like to think about and are easy to remember.” I like to choose lyrics of favorite songs. For example, using the OSU Alma Mater I might choose the first letter of the opening lyrics: Proud And Immortal Bright Shines Your Name. So it would look like ‘paibsyn.’ Then I would adjust it to include some capitalized letters, a number and symbol. Such as “Pa!bsyN2017”. Keep in mind, when adding a number to your password, it is recommended to avoid using a number of importance such as an anniversary or birthday.
Another recommended practice for securing your accounts and your passwords is to enable two-factor authentication which adds a layer to your login process. Many sites, such as Google, Apple and credit card companies, now use this feature either as an option or as a mandatory practice. For example if I log into my Gmail account from a new device, I receive a text message with a code I must enter before I can access my email. This helps prevent hackers from accessing your account as it is one more step to access your personal data.[3]
Following these practices to maintain secure passwords may not prevent your personal information from being compromised, but it will make it harder for cyber criminals. Your online security should always be a priority. It’s far easier to protect yourself now then after your data has been compromised.
[1] https://support.google.com/accounts/answer/32040?hl=en
[2] https://staysafeonline.org/cybersecure-business/protect/
[3] https://www.dhs.gov/blog/2015/10/13/staying-protected-while-always-connected