Cyber Security & Awareness

QST-Unit4-Question2

I chose the subject: “Create or find a classroom resource that teaches students about creating strong passwords, passcodes or passphrases.”

Many people still overlook the power of their passwords and naively assume that a simple sequence such as bigblackcat or qwerty1234 protects them from cybercriminals. Regardless of your industry or your organization’s level of built-in cybersecurity protection, simple passwords are nothing but trouble for your employees, network, and data.

It’s important that every password your employees use is unique and uses a combination of upper- and lowercase letters, numbers, and special characters. This includes not just the passwords employees use to log in to your network, email, and cloud applications, but also their personal passwords for social network sites, personal email, online banking, and e-commerce sites.

Remember, company employees can access both personal and company websites and apps on company laptops, smartphones, and mobile devices, and on personal equipment if you have a BYOD policy. Every login is a chance for a cybercriminal to hack into the company network and steal data.

Take advantage of World Password Day to remind your users of the risks that come with passwords and provide them with actionable advice on how they can create strong passwords. As part of your security awareness training and campaigns, use micro- and nano-learnings targeted to password security and newsletters and posters to remind employees of the fundamentals of a strong password.

To help you with this we’ve put together strong password tips, advice, and best practices that you can share with users in newsletters, posters, and emails. Download the Protecting your data with a Strong Password Kit for more password resources that you can share with those who access your systems.

Remember These Strong Password Best Practices

  1. Do not use sequential numbers or letters

For example, do not use 1234, qwerty, jklm, 6789, etc.

  2. Do not include your birth year or birth month/day in your password

Remember that cybercriminals can easily find this information by snooping into your social media accounts.

  3. Use a combination of at least eight letters, numbers, and symbols

The longer your password and the more character variety it uses, the harder it is to guess. For example, M0l#eb9Qv? uses a unique combination of upper- and lowercase letters, numbers, and symbols.

  4. Combine different unrelated words in your password or passphrase

This makes it difficult for cybercriminals to guess at your password. Do not use phrases from popular songs, movies, or television shows. Use three or four longer words to create your passphrase. For example, 9SpidErscalKetobogGaN.

  5. Do not use names or words found in the dictionary

Substitute letters with numbers or symbols to make it difficult to guess the password. Or deliberately use spelling errors in the password or passphrase. For example, P8tty0G#5dn for “patio garden.”

  6. Use a password manager to store your passwords

Do not store your passwords in a document on your computer. Make sure you’re using the password manager tool provided to you by the IT/support team to store all professional and personal passwords.

  7. Do not reuse your passwords

Every device, application, website, and piece of software requires a unique and strong password or PIN. Remember, if a cybercriminal does guess one of your passwords, they will use this to attempt to hack into all of your personal and professional accounts.
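The first three rules, and the warning against using personal details, can be checked mechanically. The Python checker below is an added classroom example, not part of the original resource; the function names, the four-character run length, and the sample birth date and personal words are assumptions made for illustration.

```python
import re

# Runs the page warns about ("1234", "qwerty", "jklm", "6789"): alphabet, digits, keyboard rows.
SEQUENCES = ["abcdefghijklmnopqrstuvwxyz", "0123456789",
             "qwertyuiop", "asdfghjkl", "zxcvbnm"]
CHAR_CLASSES = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"]


def has_sequence(password, run=4):
    """True if `run` consecutive characters follow a sequence, forwards or backwards."""
    lowered = password.lower()
    for seq in SEQUENCES:
        for s in (seq, seq[::-1]):
            if any(s[i:i + run] in lowered for i in range(len(s) - run + 1)):
                return True
    return False


def check_password(password, birth_date=None, personal_words=()):
    """Return the rules from the list above that `password` breaks ([] means none).

    birth_date is (year, month, day); personal_words are names, places and
    interests linked to the user. Both parameters are assumptions of this example.
    """
    problems = []
    if has_sequence(password):
        problems.append("sequential characters")
    if birth_date:
        year, month, day = birth_date
        tokens = (str(year), f"{month:02d}{day:02d}", f"{day:02d}{month:02d}")
        if any(t in password for t in tokens):
            problems.append("birth date")
    if len(password) < 8:
        problems.append("shorter than eight characters")
    if not all(re.search(c, password) for c in CHAR_CLASSES):
        problems.append("missing a character type")
    lowered = password.lower()
    if any(w.lower() in lowered for w in personal_words if len(w) >= 3):
        problems.append("personal information")
    return problems


if __name__ == "__main__":
    # Constructed sample user; the passwords are the examples quoted on this page.
    for pw in ("qwerty1234", "bigblackcat", "M0l#eb9Qv?", "P8tty0G#5dn"):
        print(pw, "->", check_password(pw, (1987, 3, 14), ("Rex", "Toronto")) or "ok")
```

Students can run their own candidate passwords through `check_password` and see which rule each one breaks.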

Remember never to share your passwords with anyone. This includes your colleagues, the IT/support team, customer service/helpdesk personnel, family members, and friends.

Also, be aware of phishing emails, smishing texts, and vishing calls that ask for your password information – do not reply or provide any personal information including your password, date of birth, address, or credit card details.

Information You Should Never Include in Your Passwords

When updating and creating new passwords, please do not include the following information in your passwords:

Cybercriminals research their victims online looking for clues that can help them hack your password. And they will use any clues about you, where you live, your interests, and your family to strategically guess at your password.

If any of your passwords use any information linked to you personally, please take a few minutes to update your passwords following our strong password best practices.

How To Keep Your Social Media Password Protected and Secure

Many websites, applications, and tools now allow you to log in using your Facebook, Twitter, Instagram, or other social media account. This adds convenience to the average web user’s experience since you do not need to create a new username and password. However, using this feature makes you vulnerable to social network data breaches.

Once a cybercriminal has your Facebook account credentials, they can access any other websites, applications, or tools that you have logged into with Facebook.

And this is exactly why we want you to remember these five tips on how to keep your social network passwords protected and secure:

Above all else, be suspicious and cautious. Do not trust emails promising to reset your password. No company will ever send you an unprompted password reset or account validation email. If you’re in doubt about a friend request or chat message, ignore the message and contact your friend over email or text message to alert them to the suspicious request.

 

 
