This week’s National Cyber Security Awareness Month (NCSAM) article focuses on password security. Many people find it annoying or impractical to continuously change their passwords because it is difficult to remember new passwords and to keep track of the many unique passwords for different sites. For this reason, users often resort to creating simpler and far less secure passwords. Yet these simple passwords make it easier for hackers to breach personal information.
To create a secure password that is easy for you to remember, whether in the office or at home, follow these simple steps:
1. Do not use personal information: You should never use personal information as a part of your password. It is very easy for someone to guess things like your last name, pet’s name, and child’s birth date.
2. Do not use real words: There are tools available to help attackers guess your password. With today’s computing power, it doesn’t take long to try every word in the dictionary to find your password, so it is best if you do not use real words for your password.
3. Mix different character types: You can make a password much more secure by mixing different types of characters. Use some uppercase letters along with lowercase letters, numbers, and even special characters such as “&” or “%.”
4. Use a passphrase: Rather than trying to remember a password created using various character types, you can use a passphrase. Think up a sentence or a line from a song or poem that you like and create a password using the first letter from each word. For example, rather than just having a password like “yr$1Hes,” you could take a sentence such as “I like to read the About.com Internet/Network Security web site” and convert it to a password like “il2rtA!nsws.” By substituting the number “2” for the word “to” and using an exclamation point in place of the “i” for “Internet,” you can use a variety of character types and create a secure password that is hard to crack, but much easier for you to remember.
Using the tips above will help you create passwords that are more secure, but you should also adhere to the following tips:
1. Use different passwords:You should use a different username and password for each login or application you are trying to protect. That way, if one gets compromised, the others are still safe. Another approach, which is less secure but provides a fair tradeoff between security and convenience, is to use one username and password for sites and applications that don’t need the extra security, but use unique usernames and more secure passwords on sites that do, such as your bank or credit card companies.
2. Change your passwords: You should change your password at least every 30 to 60 days, and don’t reuse a password for at least a year.
3. Default passwords: Upon receipt of a “default” password, change your password immediately. Default passwords that have not been changed are one of the most common ways of compromising an account and/or system.
For National Cyber Security Awareness Month, the University of Miami Information Technology (UMIT) department is sharing important information, tips, and resources that will focus on different cyber security issues, including cyber crime, mobility, and online safety. This year marks the 11th anniversary of NCSAM, sponsored by the Department of Homeland Security and the National Cyber Security Alliance.
If you have questions or concerns related to this topic, please contact: email@example.com.
When in doubt, immediately call the UMIT Service Desk:
o Coral Gables/Rosenstiel campuses: 305-284-6565, firstname.lastname@example.org
o Medical campus: 305-243-5999, email@example.com