Cybercriminals are always working hard, looking for new ways to compromise your privacy. However, there are things you can do to reduce the risk to your data and your devices.
Password Management
Your password is your first, and possibly most important, defense against cybercriminals. Use a strong password, change it frequently, and never share it with others.
Password Guidelines
- Use strong passwords. See below for how to make and remember strong passwords
- Change passwords often. Change your passwords at the beginning of each semester, at least.
- Don’t reuse passwords. Doing so places more of your accounts at risk.
- Use two-factor authentication. If available, enable two-factor authentication (2FA), which adds another layer of security to your account.
What makes a strong password
A strong password is not easily guessed, by a person or a computer program designed to do so.
- Avoid any words you can find in the dictionary.
- Avoid names of family or pets, birthdays, anniversaries, or other information someone might know from your social media.
- Use a mix of uppercase and lowercase letters, numbers, and symbols.
- Use a password that’s at least 8 characters long.
- Changing a word by substituting symbols or numbers is not enough! P455w0rd! is still extremely easy to guess.
- A better choice is to use a sentence to help you remember the password. For example, “My favorite thing is to go to the beach” becomes a password of Mfti2g2tb by taking the first letter of each word. Add a random number and symbol to that to get 1142Mfti2g2tb#, and you have a stronger password.
Change passwords often
All users are strongly recommended to regularly change their passwords to all systems to ensure maximum protection. Bad actors typically make the majority of attempts at the beginning of terms and during the holidays. Users can better protect themselves by implementing strong passwords and changing them more frequently. In addition, students need to be aware that passwords will now have an expiration date assigned, forcing them to be changed.
How to remember your passwords
So, how do you remember strong passwords for each account, when you don’t reuse those passwords? Consider using a password manager. Many are free or low-cost, and they can generate strong passwords and store them for you so you don’t have to remember them.
Some considerations
- The password you use to secure your password manager must be strong, and not used for any other login.
- Choose a password manager that allows you to use two-factor authentication.
Phishing and Malware
Phishing occurs when an attacker pretends to be someone else to get your login credentials or other personal information.
Malware includes viruses, ransomware, and spyware. All are software installed on your device without your knowledge to acquire your private data, logins, or even lock your files until you pay a ransom.
How to recognize a phishing attempt
Not all email is legitimate. The best line of defense to protect your account and affiliated data is to recognize phish/spam emails. These emails may look enticing, as many revolve around unique job opportunities or free goods. Always use caution when viewing and processing email. Please take extra care whenever asked to access another link or open any attachments.
Here are some rules of thumb to identify red flags in determining a valid email:
- FROM. You don’t recognize the sender or sender’s address.
- SUBJECT. Subject line is irrelevant and/or does not match the email content.
- TO. You were sent an email with others, but you do not recognize any of the other recipients.
- DATE/TIME. Was this email sent at an unusual time, like 3 a.m.?
- CONTENT. Am I being asked to do something to avoid a negative consequence or to gain something of value? Phishing attempts often include a sense of urgency. Does the content have bad grammar or poor spelling?
- HYPERLINKS. When you hover your mouse over the hyperlink, does the site that the link is directing you to match what is on the hyperlink or to a completely different website?
- ATTACHMENTS. Also be suspicious. Don’t open any attachment unless you recognize the sender and were expecting the attachment.
To better assist you, we recommend users become more educated regarding phishing emails by participating in the Google Phishing quiz. This quiz is a highly interactive and engaging tool that will provide you with the keys to identify legitimate emails. In addition, the IT Services website is a great resource for learning more.
Other tips to stay safe online
- Keep your devices updated. Install operating system and software updates as soon as they are available.
- Use security software. Use software that can protect your computer from viruses, spyware, and phishing scams.
- Look for encryption. Look for the lock symbol in your browser before entering private or financial information.