October is Cybersecurity Awareness Month, an opportunity to sharpen our security skills and learn ways to avoid cyber threats. Each week will have a particular theme. This first week is about passwords and password managers. Other activities include two phishing simulations and a town hall meeting October 30.
Week 1: The Keys to Strong Password Security
How many online accounts do you have?
It’s easy to lose track, and each one requires a password to your personal information—bank accounts, medical records, emails, social media accounts, and more. Imagine your password is like the key to your front door. If you use the same key for your house, car, and office, anyone who gets hold of that key can access all those places. Similarly, if you use the same password everywhere, and a criminal manages to steal it, they can unlock all your accounts.
Using a unique password for each account makes it much harder for someone to get into everything.
But it’s not just about uniqueness—password length plays a crucial role in security. The longer a password is, the harder it is to crack.
A password that’s at least 12-16 characters long is exponentially more difficult for a threat actor to break. It’s like moving from a basic lock on a garden shed to a high-security bank vault. Each additional character is like adding more bolts and reinforced steel to that vault, making it far more resistant to attempts at breaking in. The longer your password, the stronger the defense.
Okay, we’ve established using long, unique passwords for every account, but how will I remember them all?
A password manager securely stores all your passwords in an encrypted digital vault. We recommend Bitwarden, LastPass, Dashlane, or 1Password. Benefits of using a password manager include:
- You only need to remember one strong master password.
- A password manager can help you generate strong, random passwords.
- It fills in passwords in login pages and apps, streamlining the authentication process.
- It works across various devices and platforms.
- Passwords are synchronized securely across all your devices, ensuring accessibility without compromising security.
- You can safely share credentials with trusted individuals who use the same password manager.
Using a password manager not only simplifies your life but also strengthens your overall security, making it far less likely that your accounts will be compromised. Do not become complacent; make small, consistent habits to continually improve your online security.
Action to Take Right Now:
If you aren’t using a password manager already, take five minutes and try one out. Download and install one of the recommended apps. And put your first password into it.
For more information, check out the articles below.
National Cybersecurity Alliance on Passwords
National Cybersecurity Alliance on Password Managers
Phishing Simulations
The College is committed to performing four phishing simulations per year, two in the spring and two in the fall. We will perform both fall phishing simulations during the month of October. All employees will be “phished” and for the first time, students will be phished too. Look for suspicious messages delivered to your inbox and report them as you would any genuine phishing message. Feel free to work together with your colleagues and classmates–this is what we want you to do with real malicious emails.
Save the Date for the Virtual Town Hall
A regular feature of Cybersecurity Awareness Month is a Town Hall with Kendall George, Carleton and St. Olaf Colleges’ information security officer. In this informational and interactive session, he’ll describe the current state of the higher education cyberthreat and the steps you can take to keep the campus and your own digital life secure. There will be ample time for Q&A.
Save the Date: Noon, Wednesday, October 30, 2023.
Cybersecurity Training
Annual cybersecurity training for employees is due by October 31. To encourage everyone to get this done by the end of the month, employees who completes this training by the deadline will be entered into a drawing for two Bon Appetit meal vouchers. Feel free to work as a team and in other ways encourage your colleagues to meet this important annual requirement. The course covers a variety of current cybersecurity issues. It doesn’t take a lot of time. Plan for no more than 30 minutes to complete the course.
Cybersecurity is everyone’s job. Be safe out there and, if you ever have any questions, don’t hesitate to contact us or the Helpdesk.