October is Cybersecurity Awareness Month, which represents a great opportunity to highlight some important security practices that you can employ in both your professional capacity and personal life. Throughout this month, the CNYRIC will be shining the spotlight on a variety of cybersecurity awareness topics, in the pursuit of stronger everyday practices that will help you make smarter, safer decisions when online.
Strong Passwords
You’ve probably heard some variation of these comments more times than you’d care to recall:
“You need to have a strong password.”
“Your password must contain both a number and a special character.”
“Please, please, please don’t make your password ‘abcde’ -or- those letters in reverse!”
Yes, password management can start to feel overwhelming, given the persistence of cybersecurity threats, the requirements to create increasingly complex passwords, and the need to somehow memorize them all without writing them on notepads (note: please don't do that!). The Cybersecurity & Infrastructure Security Agency (CISA) has provided some background on guidance on how to create strong passwords.
The Longer, the Better
Per CISA, a strong password is comprised of at least 16 characters,
That's so Random
In addition to creating passwords that are more substantial in length, you might want to consider randomizing them as well, using what might seem like an otherwise-nonsensical string of capital and lower-case letters and special characters. Per CISA, something along the lines of:
You're so Unique
It can be cumbersome to create unique passwords with unique strings of characters, but that's kind of the point; if it's hard for you to come up with, that means it's going to be harder for bad actors to crack. Which is why you'll also want to make sure you use unique passwords for the different websites and services you use most often. The last thing you'd want is having someone figure out that one hard-to-crack password that "you use for everything," and then using it on other accounts you've shared it with as well. It's understandable if the requirements of creating multiple strong and unique passwords feels untenable, so here's a bit of good news:
Use a Password Manager
There are a lot of great, secure password managers out there whose sole existence is helping you manage all of this. Touch base with the security experts in your organization to find out which ones are the best - or if your place of business already has something on hand!
You're the First Line of Defense
Setting strong passwords is the first (and arguably, most important) defense against bad actors who intend to breach your organization's defenses. By taking the time to really make this defense as robust as possible, we all stand a greater chance of turning the threat away at the front door, and keeping our credentials as secure as possible.
Strong Passwords
You’ve probably heard some variation of these comments more times than you’d care to recall:
“You need to have a strong password.”
“Your password must contain both a number and a special character.”
“Please, please, please don’t make your password ‘abcde’ -or- those letters in reverse!”
Yes, password management can start to feel overwhelming, given the persistence of cybersecurity threats, the requirements to create increasingly complex passwords, and the need to somehow memorize them all without writing them on notepads (note: please don't do that!). The Cybersecurity & Infrastructure Security Agency (CISA) has provided some background on guidance on how to create strong passwords.
The Longer, the Better
Per CISA, a strong password is comprised of at least 16 characters,
That's so Random
In addition to creating passwords that are more substantial in length, you might want to consider randomizing them as well, using what might seem like an otherwise-nonsensical string of capital and lower-case letters and special characters. Per CISA, something along the lines of:
- cXdvZK65rf*&Jakz
- Vue8$RikA85%ZnTPao41z
You're so Unique
It can be cumbersome to create unique passwords with unique strings of characters, but that's kind of the point; if it's hard for you to come up with, that means it's going to be harder for bad actors to crack. Which is why you'll also want to make sure you use unique passwords for the different websites and services you use most often. The last thing you'd want is having someone figure out that one hard-to-crack password that "you use for everything," and then using it on other accounts you've shared it with as well. It's understandable if the requirements of creating multiple strong and unique passwords feels untenable, so here's a bit of good news:
Use a Password Manager
There are a lot of great, secure password managers out there whose sole existence is helping you manage all of this. Touch base with the security experts in your organization to find out which ones are the best - or if your place of business already has something on hand!
You're the First Line of Defense
Setting strong passwords is the first (and arguably, most important) defense against bad actors who intend to breach your organization's defenses. By taking the time to really make this defense as robust as possible, we all stand a greater chance of turning the threat away at the front door, and keeping our credentials as secure as possible.
