Free prizes and online games
Password insecurity and how to beat the bad guys
You, because criminal actions taken online are in your name, or your personal details and information could be stolen and used against you to:
- commit fraud in your name
- scam friends and family by pretending to be you
- steal your money.
Why are Passwords insecure?
Once it's known, it's known - a computer cannot tell if it's really you using it or someone else.
If they're too weak they can be guessed, there are billions of passwords on the internet already. That number you added at the end, or in place of the letter - they're all known techniques.
Even if you have set a long strong password/phrase, if you've reused it on another site that gets breached it will get added to those online password lists forevermore and eventually they'll be tried against your various online accounts.
When should I change my password?
If you think there's a slight chance that someone else knows it, or you've reused it on another site, change it.
Check if your password has been found online via Pwned Passwords.
Where can I change it?
You can change your password yourself via self-service password reset.
How do you improve them?
- Make it longer - try three random words, things that would not exist together in a dictionary.
- Make it unique - do not reuse it, if possible use a password manager to remember them all for you.
Two easy steps to make it harder for cybercriminals
- Never share your password with anyone.
- Use a unique password for every account.
- Longer is stronger, eight characters is not enough.
- Consider using a password manager to keep passwords safe.
- Many password managers will suggest strong passwords for you.
MFA (Multi-factor authentication)
- MFA is an additional layer of security on your accounts.
- Quick and easy to set up and is offered by many services.
- All passwords are vulnerable, MFA greatly reduces your risk.
- A password combined with MFA greatly increases security.
The Information Security Toolkit is full of top tips and advice to help safeguard you, others and the University against cyber threats.