2.9.4 Cybersecurity Tip: Password Security
Password Security
Introduction
When we start our journey in the digital world, the password is one of the first technology that we use to protect our personal data and online accounts. With cyber threats growing more sophisticated every day, and types of cyber-attacks more varied, having a strong password and managing it properly is essential. Weak or reused passwords make accounts vulnerable to threats such as phishing, credential stuffing, and brute force attacks. Effective password management, including using strong and unique passwords can reduces the risk of breaches.
What you need to know
Weak or reused passwords are often targeted by hackers, which can cause unauthorized access to accounts. The most common passwords are easily guessable, such as “123456” or “password”. Additionally, using the same password across multiple accounts can also increase the risk of having credentials stuffed if one account is compromised. Another challenge many people face is remembering serval different passwords for various platforms, which creates unsafe practices like passwords down or storing them in plaintext files.
What you should do
- Create a strong password: Many websites require a strong password that should be at least 12 characters including a mix of uppercase letters, lowercase letters, numbers, and symbols. Avoid using easily guessable information such as name, birthday, or other common dictionary phrases.
- Update passwords regularly: It is important to change your password regularly, especially for sensitive accounts such as online banking, work-related account, and important emails.
- Enable Multi-Factor Authentication (MFA): Multi-Factor Authentication adds an extra layer of security by requiring a second form of verification. For example, when you login into your account, an MFA app can send a code to your phone to verify the login is not initiated by others.
- Stay alert for phishing attacks: Be cautious of emails or messages asking for your login credentials and never put in any sensitive information on an unverified website or email address.
References:
ChatGPT. (2025, January). Cybersecurity tips: Episode 2 Password Security. Retrieved from https://chat.openai.com/
National Cyber Security Centre. (n.d.). Password managers. from https://www.ncsc.gov.uk/collection/top-tips-for-staying-secure-online/password-managers
Security.org. (n.d.). How secure is my password? from https://www.security.org/how-secure-is-my-password/
University of Tennessee Office of Information Technology. (n.d.). Password managers. from https://oit.utk.edu/security/learning-library/article-archive/password-managers/