Cybersecurity Awareness Month - Passwords

October has been designated as Cybersecurity Awareness Month since 2004. Spearheaded by CISA (Cybersecurity and Infrastructure Security Agency), this month is all about bringing awareness to cybersecurity and providing information so people know how to protect themselves.

This first week has the theme of "Be Cyber Smart." or #BeCyberSmart

One of the simplest ways that you can protect yourself and your data is to be smart with password management. Password management does not just mean where you store your passwords but it also refers to how you create your passwords and whether or not you follow the advice of experts to never reuse passwords.

Here are some tips from CISA on how you can be better at password management:

• Use a long passphrase. According to National Institute of Standards and Technology (NIST) guidance, you should consider using the longest password or passphrase permissible. For example, you can use a passphrase such as a news headline or even the title of the last book you read. Then add in some punctuation and capitalization.
• Don’t make passwords easy to guess. Do not include personal information in your password such as your name or pets’ names. This information is often easy to find on social media, making it easier for cybercriminals to hack your accounts.
• Avoid using common words. Substitute letters with numbers and punctuation marks or symbols. For example, @ can replace the letter “A” and an exclamation point (!) can replace the letters “I” or “L.”
• Keep your passwords on the down-low. Don’t tell anyone your passwords and watch for attackers trying to trick you into revealing your passwords through email or calls. Every time you share or reuse a password, it chips away at your security by opening more ways with which it could be misused or stolen.
• Unique account, unique password. Having different passwords for various accounts helps prevent cyber criminals from gaining access to these accounts and protect you in the event of a breach. It’s important to mix things up— find easy-to remember ways to customize your standard password for different sites.
• Double your login protection. Use multi-factor authentication (MFA) to ensure that the only person who has access to your account is you. Use it for email, banking, social media, and any other service that requires logging in. Enable MFA by using a trusted mobile device, such as your smartphone, an authenticator app, or a secure token—a small physical device that can hook onto your key ring. Read CISA's Multi-Factor Authentication How-to Guide for more information.

Image Credit: Gerd Altmann from Pixabay