Today’s #cybersecurityawarenessmonth tech tip is on how to make an unbreakable password. Whether its being used for social media, online shopping, or your Fordham email, here are some tips to create strong passwords fit to take on cyber criminals.
- Longer passwords are best: Now many websites require passwords be 8-16, but the longer your password is, the harder it is to crack. Using a combination of upper and lowercase letters, numbers, and symbols is integral to fortifying your accounts and protecting sensitive information.
- Don’t use personal identifying information: Information such as your name, address, or phone number can be found easily on the web making it easier for a malicious actor to guess your password without having to hack into anything. Your passwords shouldn’t be easy to guess and ideally not even words, just random symbols.
- Don’t repeat passwords: Websites encounter security breaches all the time, and often when one password for a user is exposed, hackers can often guess the passwords to all your other accounts.
- Use a password manager: People tend to reuse their passwords because it’s easier to remember, however, having a password manager such as LastPass means you can save hundreds of passwords while only needing to know one password in the vault itself. LastPass will autofill your saved passwords into their login pages and even come up with and store unique passwords for you.
- Multifactor Authentication is key: When you login into my.fordham.edu with CAS, you sign in on the computer and approve your login on a separate app on your phone; this adds another layer of protection to ensure all sign-ins are actually you.
- Make Your Passwords Hard To Guess.Avoid using pets names, family names, addresses, nicknames, birthdates. The longer the password is, the harder it is to crack. Use phrases instead of words. Use numbers and symbols as substitutes for letters. For example: F0rdh@mR@m$ instead of FordhamRams.
When Should I Change My Passwords?
If your passwords don’t meet the above criteria then it is best practice to reset them, especially if these are passwords for sensitive applications like your work email address, bank account, or healthcare portal. Even the strongest passwords can be leaked due to a data breach and if you’re victimized by a cyber attack or breach you must always change the password for that respective account. To find out if your credentials have been compromised check out haveibeenpwned.com, a great resource to see if your email can be found on the dark web. If you use a builtin browser password manager try Google’s password checkup tool or Mozilla Firefox’s password monitor to see if any of the passwords stored on your Google Chrome or Mozilla Firefox browsers have been leaked.
What To Consider For Security Questions
Knowledge-based security questions, such as what’s your mother’s maiden name, can be easily found on social media, thus it’s important to choose security questions and answers that can’t be compromised easily. When I have to make security questions (like for my.fordham.edu) I will put random answers that don’t correspond to the questions at all and save all of that in a third party password manager.
If you believe that one of your passwords has been compromised, reset it immediately using the above guidelines and contact IT Customer Care (718) 817-3999 or via email HelpIT@fordham.edu.