System Administration Information Security Program
Secure use of passwords is critical. Passwords are the keys to the kingdom - your kingdom. If your password is compromised, an attacker can access everything you are trying to protect. Even worse, an attacker can then impersonate you and gain access to other resources.
Here are four critical components to secure use of passwords:
- Long & Strong: A good practice is to use at least one capital letter, one number and one symbol in your password. In addition, passwords should not contain information that somebody might know or be able to figure out, for example: your ZIP code, your phone number, your (your daughter, your kids) birthday, or your first (last, middle, street, pet) name.
- Keep it to Yourself: Employees often feel comfortable sharing passwords with other employees or supervisors. This is a dangerous practice. When you share your password, you lose accountability, you cannot track who did what.
- No Duplication: Many people will use the same password for all their accounts. While some duplication of passwords is acceptable, it should be only for non-critical accounts. If your Facebook, Flickr and Twitter passwords are the same, that might be an acceptable risk. What is not acceptable is your Facebook login and password being the same as your work or online banking login and password.
- Password Phishing: No one should ever ask you for your password. If someone asks for your password, assume they're up to no good.
2013 Information Security Awareness Video & Poster Contest
See more videos from the contest at the Security Awareness YouTube channel.
201 W. 7th Street
Ashbel Smith Hall (ASH 3)
Austin, TX 78701
Barry Moody, ISO