May 6th, 2021 is World Password Day! The day was first created by Intel back in 2013 to promote good password hygiene. Good and strong passwords work to protect devices, application, and accounts from unauthorized access. Listed below are some useful tips:
Never share your password with anyone:
- This reduces the amount of individuals who have access to your account and vectors of where your password could be taken away.
Don't reuse your university password for non-university accounts:
- Using a unique password for every online service reduces the impact of all accounts if one of them is compromised.
Create a long password:
- Consider it a pass-phrase, creating a long password makes it harder for hackers to crack the password.
Don’t use personal information:
- Using personal information will give hackers clues as to what the password it. It’s possible for some of the information to be found online as well.
Don’t use dictionary words:
- Common words or passphrases can be easily cracked. Use a combination of numbers and special characters to create more complexity.
Don’t write down your password:
- Passwords can be stolen if written down and placed on a keyboard, desk, etc. People can acquire your password by visiting your workspace. Same goes with saving it digitally without encryption.
Use a password manager:
- Password managers securely store passwords and data in one location so you don't need to remember them all. One password is used to sign into the password manager account.
- LastPass Enterprise is available for the UCI campus to use. For more information, please visit the UCI LastPass Enterprise Informational Page.
- Even the best password can still be stolen, multi-factor authentication adds an additional layer of security greatly reducing the impact. Especially important to enable it on your password manager.
- For university accounts use Duo, for other online accounts enable if available.
Change your password on regular intervals:
- If you can't use multi-factor authentication, periodically change your password as it may have been involved in a past security breach that you are unaware of.