Too many Passwords to Remember

-
Besides personal, professional and business email accounts, most people also have several social media accounts, banking, utilities, work-related tools, laptop / network and online shopping accounts. This means a lot of places they need to log in. According to an online survey, which surveyed more than 2,000 English-speaking adults, the average person has 27 discrete online logins.

Best security practice, of course, is to have a separate password for each account. This way, if one password is stolen, not all of your accounts can be hacked, thereby protecting yourself from identity theft.

But what is the best way to safely and securely keep track of so many different passwords?

Some solid guidelines include:

  • Use long passwords that contain letters, digits, punctuation. Do not use any recognizable words or the names of your pets, children, and spouse.
  • Think of a key phrase (or even a song title) that, when abbreviated can be used at the start of all your passwords: For example, your phrase could be “I wish I were 21” – you would start all passwords with “IWiw21”.
  • Then, add on an account identifier: For example, using the previous phrase, your Facebook password would be “IWiw21_Fb”; Your Gmail password would be “IWiw21_Gm” and so on.
  • The advantage is that you can remember or work out passwords without having to write them down. If you’re still worried that you will forget, write down, or text yourself, just the last abbreviation.
  • Don’t save passwords, use “remember me” or let the browser store your password on public PC’s or unsecured PC’s
  • Keep written passwords stored securely. If you must write down entire passwords, consider keeping them in a safe or a safe-deposit box so that they’ll only be accessed by those who need to know. Better still, only make cryptic notes that will remind you. When disposing, remember to shred the paper notes.
  • Many sites now use a fingerprint or facial recognition instead of passwords – take the time to set them up, it will save time in the long run and is very secure.

If you’re curious whether your chosen password is secure or not, you can run it through an online password checker like the one at OnlineDomainTools. To highlight the importance of a lengthy, random, unique password, the online checker has specific fields to show your password’s variation in characters, its appearance in dictionaries, and the time it would take for a brute force attack to crack it.

Did you know that adding just one capital letter and one special character changes the time needed to hack an eight-character password from 2.4 days to 2.1 centuries? That’s why so many sites require that you use eight-character pass-words that contain upper- and lowercase letters, numbers, and special characters.

Additionally, most Mac and Windows Web browsers now offer to memorize passwords for you. That is a possible solu-tion if you are confident that your Mac / PC is not used by other people. The browser assist may not work on all Web sites, and may not work cross platforms, say on your phone or tablet, without additional steps. This becomes more risky when using a laptop or personal device, which can be stolen.

Another good solution is to install a dedicated password management solution such as KeePass or LastPass. These tools will store your passwords for you (and even provide random new passwords when needed). All you need is to remem-ber a single master password that grants you access to the stored data. Enter your master password once, and the password management tool does the rest.

https://www.buzzfeed.com/josephbernstein/survey-says-people-have-way-too-many-passwords-to-remember?

Popular posts from this blog

What is High Risk Confidential Information?

-
All of us are knowledge workers, with access to the College’s varied data and information. Part of our ongoing responsi-bility is data stewardship, which involves the inter-dependent concerns of Confidentiality, Integrity and Access. Confi-dentiality procedures and practices are designed to prevent sensitive information from reaching the wrong people, while making sure that the right people can get it. The College’s Information Security Policy ( https://www2.naz.edu/its/security-privacy-policies/policies/ ) classifies data into one of three levels based on its sensitivity: High Risk Confidential Information (HRCI), Confidential Information and Enterprise Data. HRCI data is highly sensitive and requires strong privacy and security safeguards due to federal and state laws and Col-lege regulations. It should not be collected or used unless absolutely required for your business function. HRCI data is intended for individual, legitimate use to support specific business processes. The ri...
Read more

Using Savedlists in a Colleague Screen

-
Do you ever have a savedlist of students that you want to process or view through a Colleague screen? For example, what if you had a savedlist of students and you wanted to check their zip code information, on NAE. In-stead of typing them one by one, you can activate the savedlist and process them that way. Here’s how: Let’s say your savedlist is called “ALL.MISSING” and it has 10 records in it. Open up the NAE screen as usual. Now you’re prompted for “Person Lookup”. Type “@SELECT” You’ve been taken to the PSC (Primary Selection Criteria) screen. Next to the prompt “Saved List Name”, enter “ALL.MISSING” (or whatever your savedlist is called) and update out of PSC.*** Next, you’ll get a confirmation message, in this case “10 records selected” Hit OK and update. You’re back at the NAE screen with the prompt “Person Lookup”. Type “@@” NAE will open the first student from your savedlist. When you are done with this student, update (or cancel) and then type “@@” to get the next...
Read more

Fix it, fix it, fix it – Important information when reporting a problem

-
Something not working quite right with your software system? The best way to notify the ITS Applications Team is by submitting a ticket via our online ticketing system. Detailed directions can be found at https://www2.naz.edu/its/report-problem or submit a ticket directly at http://usl (Note: http://usl only works on campus or when connected to VPN off campus) Problems with Colleague, Powerfaids, OnBase, Informer, Starfish, ReportExec and other apps should be directed to the “Apps Team” queue. Problems accessing S: drive folders, printers, VPN, filezilla, etc, should be directed to the TMSD team. Emails or phone calls to an individual App Team member can sit for some time if the person is out of the office or busy all day in meetings. However, the ticket queue is monitored all day. Incoming tickets are routed appropriate-ly, based on subject area, priority and available resources. Someone will see your ticket right away. All of the tickets will initially be re-assigned to you...
Read more