How To Create A Strong Password
It’s no secret that passwords have substantial monetary value to cybercriminals. The importance of using secure, unique passwords is growing as you entrust increasing amounts of personal information to organizations and businesses that can fall victim to data breaches and password leaks. Although there may be little you can do to prevent a large-scale data breach, you can take the precaution of making sure you craft strong passwords for your online accounts.
- Do Not Use Personal Information – Don’t use your name or names of family members or pets in your passwords. Don’t use numbers like your address, phone number, or birthdays, either. These can be publicly available, on forms you fill out or on social media profiles, and easily accessible to hackers.
- Create Longer Passwords – The longer the password, the harder it may be to crack. Try for a minimum of 10 characters.
- Modify Easy-to-Remember Phrases – One tip is to think of a passphrase, like a line from a song, and then use the first letter from each word, substituting numbers for some of the letters. For example: “100 Bottles of Beer on the Wall” could become “10oBb0tW”.
- Do Not Write Them Down – Resist the temptation to hide passwords under your keyboard or to post them on your monitor. Stories about hackers getting passwords by rummaging through trash, also known as dumpster-diving, are absolutely real. Use a password manager to keep track of all your usernames and passwords. Information is stored behind one password and is encrypted.
- Do Not Use Real Words – Password cracking tools are very effective at helping attackers guess your password. These programs can process every word in the dictionary, plus letter and number combinations, until a match is found. Steer clear of using real words from the dictionary or proper nouns or names. Instead, use special characters. By combining uppercase and lowercase letters with numbers and special characters, such as “&” or “$,” you can increase the complexity of your password and help decrease the chances of someone potentially hacking into your account.
- Change Passwords On A Regular Basis – Passwords for your online financial accounts should be changed every month or two. Computer login passwords should be changed at least once a quarter. Using the same password for longer periods could put your information at risk if a data breach occurs.
- Use Different Passwords For All Online Accounts – Don’t use the same password on more than one account. If a hacker cracks it, then all of the information protected by that password on other accounts could also be compromised. Use a password generator to help create unique and strong passwords. Most password managers can also create strong passwords.
- Do Not Type Passwords On Devices or Networks You Do Not Control – Never enter your password on another person’s computer. It could be stored without your knowledge.
When using your devices on public Wi-Fi, you should avoid visiting websites that require you to log in to your account, such as online banking or shopping. When you’re on an unsecured public network, your unencrypted data could be intercepted by a nearby hacker. To protect yourself from these threats, you should always use a virtual private network (VPN), when on a public Wi-Fi connection. - Always Employ Multi Factor Authentication When Available – With multi-factor authentication (2FA/MFA), you get an extra layer of security that hackers may not be able to crack as easily, because the criminal needs more than just the username and password credentials. You may already be using 2FA without realizing it. Your debit card is an example, combining your physical card and your PIN.
If you have any further questions about password security or how you can make your MU and personal accounts more secure, feel free to send a message muncsam@millersville.edu. Remember that MU has a password portal to help manage your account. We also have MFA available to ALL users. If you need further assistance with either please send a message to help@millersville.edu.