Lansing Community College

Celebrate National Cyber Security Awareness Month by checking your passwords

October is National Cybersecurity Awareness Month, and you can celebrate the month by reviewing your password practices. Step 1: Stop reusing passwords! Why? Because 80% of people do this and criminals know it. They examine previous breaches and find your breached passwords then try them (and subtle variations for those who increment a number or year at the end of the password) at every website possible.

How do you know if your password is on the internet? A website called Have I Been Pwned provides a free service to check to see if your password has shown up in any breaches. And if your password is on the internet, it is potentially being used by criminals in their password cracking programs to brute force guess your password and compromise your account.

The solution is to use unique passwords at all of your accounts. Of course, you will not be able to remember all of these different passwords, so you must write them down. Here are some recommendations to manage them:

  • Good – Write down your passwords on paper and save them in a drawer, preferably one that locks.
  • Better – Enter your passwords into a Microsoft Word document or Excel spreadsheet and save it somewhere safe. You can enable encryption and set the password protection by going to File-Info-Protect Document-Encrypt with Password. Then, since your new password manager is encrypted, when you open the file, you will be asked for the password.
  • Best – Use a password manager program. It’s a small application or secure web site that stores all passwords in a single password encrypted file. One free option is Keepass, available online at http://keepass.info. It’s best if you enable Keepass’s Secure Desktop option (where it opens a separate secure window), two-channel auto-type obfuscation, random password generation, and KeeForm (to fill in your credentials into web forms).

If you have questions or would like further information, contact LCC’s Director of Information Security Paul Schwartz at schwarp1@lcc.edu.

 

Plan Your Next Move