The video featured here takes a witty, lighthearted approach to cybersecurity awareness and offers a fun twist on the different perspectives on password security.
The characters in the video portray three points of view:
- (Sid) Hypervigilant and paranoid – Although not (always) true, this is the person non-security people think of when they hear the words “Mandatory Security Awareness Training”. What the non-security people think about these people is, “yeah, security is important, but don’t you think we’re being a little too paranoid?”
- (Dave) Oblivious and carefree – Also not (always) true, this is the person that security people think of when they hear people say “Mandatory training again? Oh boy.” The security people think, “yeah, security is important, don’t you think you should take it more seriously?”
- (Laura) The final point of view is the most relatable – it’s you. You want to do the right thing and take security seriously. You want to protect the business and yourself, but you don’t need it shoved in your face and you certainly don’t want to ignore it altogether.
The key points mentioned, if implemented throughout the organization, can dramatically reduce the risk of compromise.
Consider embracing the following changes to help strengthen your password hygiene:
- Don’t write or print passwords on paper or in unsecured digital files. This makes it easy for any person that walks by your desk or takes your cell phone to access all of your account information.
- Replace those sticky notes with a password manager. A password manager can store your unique passwords in a SECURE way. It will eliminate the sticky note on your desk or the note created in your phone. It can also create strong passwords for you.
- Use long, random, but memorable passwords – also known as passphrases. For example, “CherryWireSparking2!” is strong because it is 20 characters long, random, and contains capital letters, a number and a symbol.
- Don’t use the same password everywhere. Try to use a unique password everywhere you log in. If one website or company gets hacked and the passwords are leaked, then all accounts using that same password are at risk.
- Where possible, use multi-factor authentication (MFA). If a password is known, then the second (or third) “factor” of authentication is an additional layer of protection. A good resource for checking if MFA is available on different services is https://twofactorauth.org/.
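The passphrase advice above can be put into practice with a short generator. This is an added example, not part of the original article: it builds a passphrase in the same shape as “CherryWireSparking2!” from a cryptographically secure random source and estimates its strength in bits. The word list, symbol set and function names are constructed for illustration, and the 7776-word figure assumes a Diceware-style list.

```python
import math
import secrets

# Constructed sample list so the example runs offline; far too small for real use.
SAMPLE_WORDS = ["cherry", "wire", "sparking", "lantern", "harbor", "velvet",
                "granite", "orbit", "meadow", "copper", "thistle", "anchor",
                "puzzle", "ribbon", "saddle", "walnut"]
SYMBOLS = "!@#$%&*?"  # assumed symbol set for this example


def generate_passphrase(words=SAMPLE_WORDS, n_words=3):
    """Return n_words capitalised random words plus one digit and one symbol."""
    if n_words < 1 or len(set(words)) < 2:
        raise ValueError("need n_words >= 1 and at least two distinct words")
    # secrets draws from the OS CSPRNG; the random module is not suitable here.
    picked = [secrets.choice(words).capitalize() for _ in range(n_words)]
    return "".join(picked) + str(secrets.randbelow(10)) + secrets.choice(SYMBOLS)


def entropy_bits(wordlist_size, n_words=3, n_symbols=len(SYMBOLS)):
    """Bits of entropy, assuming the attacker knows the scheme and the word list."""
    return (n_words * math.log2(wordlist_size)
            + math.log2(10) + math.log2(n_symbols))


if __name__ == "__main__":
    print(generate_passphrase())
    print(f"{entropy_bits(len(SAMPLE_WORDS)):.1f} bits with the 16-word sample list")
    print(f"{entropy_bits(7776):.1f} bits with a 7776-word list")
    print(f"{entropy_bits(7776, n_words=5):.1f} bits with five words from that list")
```

The strength comes from how many equally likely passphrases the scheme can produce, so a larger word list or an extra word adds far more than swapping letters for symbols in a word you chose yourself.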
80% of hacking-related breaches involve compromised and weak credentials. 29% of all breaches, regardless of attack type, involve the use of stolen credentials. By embracing the above changes, you can greatly decrease your odds of becoming part of the statistic.