October is Cybersecurity Awareness Month and a good opportunity to reflect on how to protect ourselves against cybersecurity attacks and what we can do better.
A strong password is one of your best defenses against cyber attacks. Creating a strong and unique password for each online account, and changing them with relative frequency, greatly reduces the chance of your online data being stolen.
When you’re creating a new password, keep in mind a few guidelines to make sure your password is good enough:
- The longer the better. The National Institute of Standards and Technology recommends that your password is at minimum 8 characters long.
- Use lots of different characters. Using a combination of uppercase letters, lowercase letters, numbers, and special characters is essential to creating a strong password. Avoid using common letter/symbol substitutions like @ for a or ! for 1 because it’s too predictable.
- Make your password unique. Your password shouldn’t be easy to guess, so avoid common password tropes like birthdays or pet names, and definitely make sure your password isn’t on this list! Try to come up with something you’ll remember that is better than “password123” or “987654321”. Maybe come up with a sentence, phrase, or acronym and throw in some unique characters. “I have always wanted to swim in the ocean” becomes “IHAWTSITO” becomes “Ih4W2sIt0!”
- Use a different password for each account. The name of the game with passwords is uniqueness. Make sure each account has a unique password. If you use the same password for all your accounts, when one account becomes compromised, your entire online presence and all your personal data are free for the taking.
- Change your password frequently. No matter how strong your password is, you’ve got to keep it fresh. Change your password every 4-6 months, even when it’s not prompted.
- Keep your password private. Don’t share your password with anyone, even your best friend. If someone figures out your password, change it immediately.
If this all sounds like too much and you don’t feel great about coming up with passwords and remembering them all, you may want to consider using a password manager. Password managers can take all the effort and pain out of creating and memorizing passwords. With one master password, you can access, generate, and store strong passwords for any number of accounts. And (bonus) they can protect you against keyloggers, a form of malware that can steal your password by logging keystrokes. There are a lot of password managers out there, so do your research about which one is best for you. Some commonly used ones are LastPass, Dashlane, and Keeper. Whichever you choose, remember that your master password will grant access to all of your login information, so make sure the master password is very strong, complex, and unique, and use multifactor authentication if possible.
For more information on cybersecurity tips and protecting yourself from online attacks, check out the Loyola University Chicago ITS page and the University Information Security Office. And don’t forget to follow us on Twitter @LoyolaITRS for real-time updates on educational technology at LUC and future blog posts!
Article by: Meg Mandolia