Let’s keep Passwords Locked up and Protected

We have heard this for years – it is critical

Creating strong passwords offers greater security for minimal effort.
Think of Password as the “lock on your home” Would you put a $2 lock on your home and expect it to keep everything you own AND your family safe?

Probably not…. So why use a $2 password like 1234 to protect your bank account or credit card? Once the “theft” figures out your password – they can clean out your bank account OR max out your credit card.
Side note – keep your bank balance low, credit card balance low
How do you make and manage stronger passwords????

  • PLEASE do not use 12345
  • Create a strong, unique password and PIN for every account and device. Yes, this means – for your credit card; bank long on; any another “programs” you have to have a unique username and password for.
  • If one password or PIN is exposed, your other accounts and devices are not at risk
  • KEEP the information SECRET
  • Shield your keyboard or keypad when logging in; have the “hide” function enabled so the information is not showing when you key it
  • Avoid saving passwords in your browser. Instead, consider a password manager to manage all those unique logins. (Check with your organization before using one at work)
  • You probably ’need’ 12 characters long, have numbers, symbols, and upper/lowercase letters
    • Random digits, letters is almost impossible to remember
    • We say –don’t write it down – this can be found by unfriendly folks
    • SO what do you do – make it a Pass Phrase —
        • Pick a word that you can remember i.e –Strawberry33#
        • A favorite movie i.e –Fas1Furi0s3!

Now, here is the downside of the above suggestions
hackers have sophisticated password-breaking tools that can easily defeat passwords based on dictionary words (like “strawberry”) and common patterns, such as capitalizing the first letter.
So — change to straWbeRry#33

  • Increasing a password’s complexity,
  • randomness,
  • and length can make it more resistant to hackers’ tools.
  • I.E – an eight-character password could be guessed by an attacker in less than a day,
    • but a 12-character password would take two weeks.
    • 20-character password would take 21 centuries.

Why Uniqueness Is Important

People tend to reuse passwords across multiple accounts, and attackers take advantage of this risky behavior.
If an attacker obtains one password—even a strong one—they can often use it to access other valuable accounts.

Here’s a real-life example: Ten years ago, Betty joined an online network group/support group
She also created an online payment account and used the same password.

She soon forgot about the networking group

BUT someone accessed her payments account years later and stole a large sum of money.
She did not realize the forum had been hacked, and that users’ login credentials had been leaked online.

An attacker probably tried reusing Alice’s leaked password on popular sites—and eventually got lucky.

Morale of this

  • Don’t use same username and password for multiple accounts
  • CLOSE OUT any unused online groups/forums you are no longer part of

Guarding Your Passwords – same way you would guard your most valuable asset:

  • Don’t write them down – Many make the mistake of writing passwords on post-it notes and leaving them in plain sight. Even if you hide your password, someone could still find it.
    • Similarly, don’t store your login information in a file on your computer, even if you encrypt that file.
  • Don’t share passwords – You can’t be sure someone else will keep your credentials safe.
    • At work, you could be held responsible for anything that happens when someone is logged in as you.
  • Don’t save login details in your browser – Some browsers store this information in unsafe ways, and another person could access your accounts if they get your device.

Educate your Family and Friends

Consider sharing what you’ve learned about passwords and ask family and friends about their cybersecurity knowledge or experiences.

  • Never reuse passwords – Create a unique, strong password for each account or device. This way, a single hacked account doesn’t endanger other accounts.
  • Create complex, long passwords – Passwords based on dictionary words, pets’ names, or other personal information can be guessed by attackers.
  • Use a password manager – These tools can securely store and manage your passwords and generate strong new passwords. Some can also alert you if a password may have been compromised.