For the past twenty years, the concept of “security” has been slowly moving to incorporate digital goods and valuables. Thieves no longer need to break locks and glide down from a ceiling to steal what is ours. Theft went virtual.
In light of the COVID-19 pandemic, it is important – more than ever – to practice good password hygiene in order to prevent account compromise. As a result of the pandemic, the World Health Organization has reported fivefold increase in cyber attacks. There is, however, one key thing that can prevent hackers from accessing your information: your password!
Stay safe while working online with these 5 tips that will make it harder for hackers to crack down on your password:
-
Don’t reuse passwords
We recommend using one password per website/online service when possible. Hackers often use already compromised passwords to attempt to hack into other services using the same username.
-
Change your password regularly
If your password has been already exposed in a 3rd party breach, it could be used to probe different accounts you own. A list of the breaches by year can be found here.)
Haveibeenpwned.com is a good way to check if your email accounts have been exposed in a breach.
-
Use a passPhrase (not a passWord)
According to SplashData and Wikipedia, the top 25 most common passwords of 2019 still contain “123456” and “password”.
A password is a word or a combination of a word and special characters, numbers usually less than 8 characters. Passphrases generally contain several words and special characters, numbers and are more than 8 characters long.
An example of a password would be “Password123!” while a passphrase would be “IhaveaStrongPassword2010#” – these are examples only – please do not use them.
Hackers “crack” passwords all the time. Using a powerful computer program, they can try different combinations of words, letters and numbers to find a valid password for an account.
Visit this page to see how long it would take to crack your password. Take note of how time increases when adding numbers and special characters.
-
Don’t use personal information that can be guessed or obtained online
Hackers often search information about their targets online. Don’t use a password that can be easily guessed by looking at your social media profiles.
As this article shows, people still use pets or things related to their childhood as passwords.
-
Whenever possible use an extra layer of security such as multi factor authentication
Multi-factor authentication, as the name suggests, uses more elements to allow you to log in to a service. Usually it is something you have (your phone, hardware token) and something you know (password, pin number). It can also be a part of you (fingerprint, iris scan) or a combination of the three. Multi-factor authentication is always a great means of added protection.
Chapman University provides two factor authentication for students, staff and faculty for free.
To sign up, please visit 2fa.chapman.edu or scan the image below with your phone’s camera.
For more information, read IS&T’s blog post on the most recent scams and hacks. Visit the IS&T security website to stay up to date with the latest security alerts.