CAB* – Step Up to Stronger Passwords (IT Training Tip)
With October being National Cyber Security Awareness Month, this month’s weekly IT Training Tips will continue to focus on the Cyber Aware Bobcat (CAB) theme. Each weekly IT Training Tip for October will contain information on how to remain alert, and how to connect with care in order to protect your online identity and the technology you use in your personal and professional life.
A password is often all that stands between you and sensitive or confidential data. It’s also often all that stands between a cybercriminal and your account. Below are tips to help you create stronger passwords, how to easily manage your passwords, and how to take one further step to protect yourself and the college against account theft.
Always: Use a unique password for each account, so if one password is compromised, it does not put all of your accounts at risk of takeover. Do not reuse your Bates password for other accounts.
Good: A good password is 10 or more characters in length, with a combination of uppercase and lowercase letters, plus numbers and symbols – such as “Tr@n$cr!pt.” The “Transcript/Tr@n$cr!pt”password is difficult to hack or guess, but can be easy for you to remember. Use the trick of replacing letters with symbols or numbers to strengthen your passwords.
The following table provides some examples of some symbol and number substitutions for letters:
- Examples of Password Letter/Symbol Substitution
- Letter: a
- Symbol/Number: @
- Letter: c
- Symbol/Number: (
- Letter: e
- Symbol/Number: 3
- Letter: i
- Symbol/Number: !
- Letter: l
- Symbol/Number: 1
- Letter: o
- Symbol/Number: 0
- Letter: s
Better: A passphrase uses a combination of words to achieve a length of 20 or more characters. That additional length makes it exponentially harder for hackers to crack, yet a passphrase is easier for you to remember and more natural to type. To create a passphrase, generate four or more random words from a dictionary, mix in uppercase letters, and add a number or symbol to make it even stronger – such as “BatesMaineLewistonCollege/B@t3$M@!n3L3w!$t0nC0113g3.”
Best: The strongest passwords are created by password managers – which is software that generates and keeps track of complex and unique passwords for all of your accounts. All you need to remember is one complex password or passphrase to access your password manager. With a password manager, you can look up passwords when you need them, copy and paste from the vault, or use functionality within the software to log you in automatically. Best practice is to add two-step verification to your password manager account.
Step it up! When you use two-step verification (a.k.a., multifactor or two-step authentication), a stolen password doesn’t result in a stolen account. Anytime your account is logged into from a new device; you receive an authorization check on your smartphone or on another registered device. Without that second piece of information, a password thief can’t get into your account. It’s the single best way to protect your account from cybercriminals.
If you find it difficult to remember multiple passwords and passphrases, consider using a password manager like the FREE Personal Edition of LastPass to help you with managing, protecting, and creating strong passwords.
CAB – Cyber Aware Bobcat
Adapted with permission from https://er.educause.edu/blogs/2016/11/may-2017-step-up-to-stronger-passwords