Cyber Security Awareness Month – Week Two
By Daniela Cooper, on 12 October 2022
It is week two of Cyber Security Awareness Month and this week is all about using strong passwords and a password manager. There is also another opportunity to win an Amazon voucher.
Using Strong Passwords and a Password Manager
Let’s say you need to create a new password that’s at least 12 characters long, and includes numerals, symbols, and upper and lowercase letters. You think of a word you can remember, capitalize the first letter, add a digit, and end with an exclamation point. The result: Strawberry1!
Unfortunately, hackers have sophisticated password-breaking tools that can easily defeat passwords based on dictionary words (like “strawberry”) and common patterns, such as capitalizing the first letter.
Increasing a password’s complexity, randomness, and length can make it more resistant to hackers’ tools. For example, an eight-character password could be guessed by an attacker in less than a day, but a 12-character password would take two weeks. A 20-character password would take 21 centuries.
Having a unique password matters because people often reuse passwords across multiple accounts. Attackers take advantage of this, once they have one password, they will try it across multiple accounts.
It is impossible to remember all the different unique passwords we need for all the accounts we have these days, a secure and easy way to store passwords is to use a password manager like LastPass.
Password Security Tips
- Never reuse passwords – Create a unique, strong password for each account or device. This way, a single hacked account doesn’t endanger other accounts.
- Don’t share passwords – You can’t be sure someone else will keep your credentials safe. At work, you could be held responsible for anything that happens when someone is logged in as you.
- Create complex, long passwords – Passwords based on dictionary words, pets’ names, or other personal information can be guessed by attackers.
- Don’t write them down – Many make the mistake of writing passwords on post-it notes and leaving them in plain sight. Even if you hide your password, someone could still find it. Similarly, don’t store your login information in a file on your computer, even if you encrypt that file.
- Don’t save login details in your browser – Some browsers store this information in unsafe ways, and another person could access your accounts if they get your device.
- Use a password manager – These tools can securely store and manage your passwords and generate strong new passwords. Some can also alert you if a password may have been compromised.
See these short videos on password security from Proofpoint:
https://share.vidyard.com/watch/qL2mFJUD3ktKHZP5W56mdz
https://share.vidyard.com/watch/LLbauNmNYiEfudfAfaeqHm
Quiz
Be in with a chance to win a £20 Amazon voucher by answering the following question:
What is an example of a password manager?
Send all entries to isg@ucl.ac.uk with the subject line: Cyber Security Awareness Month – Week Two.
Entries will only be accepted from UCL email addresses.
*Thanks go to Proofpoint for helping to provide some of the content for this year’s Cyber Security Awareness Month.