Passwords are one of the ways we prove who we are on the network/system. Having a strong, unique password for each of your devices, online accounts and applications is a key strategy for protecting your online identity.
- A strong password means it cannot be easily guessed by hackers or by their “brute force” automated programs. Instead of a single word, use a long passphrase of multiple words with some symbols and numbers thrown in for good measure.
- A unique password means using a different password for each device and online account. This way, if one password is compromised, all your other accounts and devices are still safe. Food for thought: Do you really want your Google, Facebook, or Pinterest account password to be the same as your Bank or Investment account password?
Examples of a passphrase:
I love shopping 1L0v3$h0pp1ng
Let’s go fishing L3tsg0Ph1$hing
Remember, it is everyone’s responsibility to ensure the network and the information on the network is secure.
Never share your passwords with others, including your supervisor or coworkers. Your password is a secret; it only works if only you know it. If anyone else knows your password, you may be responsible for their actions.
Starting the new school year and setting up new passwords? Consider using a Passphrase. Passphrases are the strongest type of passwords and the easiest to remember. Simply use an entire sentence for your password, such as “What time is coffee?” By using numbers, punctuation, and special characters in place of regular letters, you create a long password that is hard to guess but easy to remember.
Seen by others, over the shoulder compromise
So, should you ever change your password? Well, sometimes. If you have reason to believe your password has been stolen, you should change it, and make sure you change it on all of your accounts where you use the same or a similar password. If you shared your password with a friend, change it. If you saw someone looking over your shoulder as you were typing your password, change it. If you think you might have just given your password to a phishing website, change it. If your current password is weak, change it. If it will make you feel better or if you just feel like it’s time for a change, then by all means go ahead and change your password.
Regardless of why you are changing your password, choose a new password unrelated to the old one and don’t reuse a password from another account. Under some circumstances there may be other steps you should take as well to make sure your system or account has not been compromised in a way that will render your password change ineffective.