Passwords are the most common method of authentication and remain an essential part of our everyday life with technology, because we need them to prove our identity. As widely used as passwords are, most people don’t know much about them or how to keep them from being compromised. A report on the most common passwords used in 2016 ranked “123456” as the number 1 most used password of the year. This is an example of a password to avoid using.
Account Management
Centennial College understands the hectic, demanding lives that our students lead. That is why we are here to ensure that your hard work on assignments and your access to academic resources are safe. Nothing is more essential to us than ensuring that our students can accomplish their work safely.
The tips and techniques we demonstrate in this article apply equally to both account types.
Selecting a Password
A strong password should contain the following elements:
- At least 10 characters
- Uppercase letters (e.g. ABCD)
- Lowercase letters (e.g. abcd)
- Numbers (e.g. 3581)
- Special characters (e.g. @!#$%&^)
Examples: ^3duc47ion!, WhereIsMyC0ffee?
Passphrase
If you want to try a more complicated password-setting strategy, consider using a passphrase:
- Using a passphrase instead of a password increases its strength
- A passphrase is longer than a password and encourages the use of spaces in addition to upper and lower case letters, numbers, and special characters
- A passphrase is easier to remember and difficult for computers to crack
And remember to never save passwords on public devices.
Use of Password Managers
Centennial College does not promote or suggest any particular password manager product. The following solutions work as credential stores and allow you to create a unique login and password for each account, which limits the damage if one of them is compromised:
- Bitwarden
- LastPass
- Dashlane
- Keeper
- 1Password
Multifactor Authentication
Many businesses are introducing a second layer of protection known as multi-factor authentication (MFA). You may have seen this procedure used by your bank, a lender, or numerous internet services. Enabling MFA reduces the possibility that an attacker who knows your password will get access to your resources and cause damage. To learn more about MFA, see our section on multi-factor authentication.
Additional Tips for Good Password Management
- Avoid using dictionary words
  - Avoiding dictionary words is the first step in ensuring that your password is not easily guessed or brute-forced. If you nevertheless insist on using dictionary words, you can make them more difficult to guess by changing some of the characters to numbers and symbols.
- Longer is stronger
  - However you choose to interpret this, longer passwords are always stronger, because it takes more computing power to crack them. NIST, in its new 2017 publication, recommends no limit to password length, but says that short passwords should be avoided. Good advice is to make a long but memorable "passphrase." String together a few words that you can remember with a visual.
- Avoid using repeated characters/patterns
  - The more complex your password is, the better. Using repeating characters or patterns, even if the password is long, is not ideal. The more repetition your password contains, the easier it will be to crack, e.g. 1234554321.
- Avoid using the same password across multiple platforms
  - If you use the same password across multiple platforms, and one of those sites is compromised and the credentials leaked, the first thing hackers will do is try other services where you might have an account to see if you used the same password. While it is a bit more work, it is always best to have separate passwords for every online account (and don't worry, there are tools that can help you manage all of these passwords; see the last point).
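The checklist under Selecting a Password and the repeated-pattern tip above can be turned into an automated check. The following Python sketch is an added example, not a Centennial College tool; the function names, the run threshold of 4 characters, and the short common-password list are assumptions made for illustration.

```python
import string

MIN_LENGTH = 10  # minimum length from the checklist
MAX_RUN = 3      # assumption: flag 4+ repeated or sequential characters
# Constructed sample list; a real deployment would load a larger list.
COMMON = {"123456", "password", "qwerty", "1234554321"}


def longest_run(pw):
    """Longest run of characters that repeat or step by +1/-1 (aaaa, 1234, 4321)."""
    best = 1 if pw else 0
    run, prev_step = 1, None
    for a, b in zip(pw, pw[1:]):
        step = ord(b) - ord(a)
        if step not in (-1, 0, 1):
            run = 1
        elif step == prev_step:
            run += 1
        else:
            run = 2
        prev_step = step
        best = max(best, run)
    return best


def check_password(pw):
    """Return the list of failed checks; an empty list means every check passed."""
    checks = [
        (len(pw) >= MIN_LENGTH, "shorter than 10 characters"),
        (any(c.isupper() for c in pw), "no uppercase letter"),
        (any(c.islower() for c in pw), "no lowercase letter"),
        (any(c.isdigit() for c in pw), "no number"),
        (any(c in string.punctuation for c in pw), "no special character"),
        (longest_run(pw) <= MAX_RUN, "repeated or sequential pattern"),
        (pw.lower() not in COMMON, "commonly used password"),
    ]
    return [message for ok, message in checks if not ok]


if __name__ == "__main__":
    # The samples are the passwords quoted on this page.
    for sample in ["123456", "1234554321", "^3duc47ion!", "WhereIsMyC0ffee?"]:
        print(repr(sample), check_password(sample) or "passes every check")
```

Run against the passwords quoted on this page, WhereIsMyC0ffee? passes every check, ^3duc47ion! is flagged only for having no uppercase letter, and 1234554321 is flagged for its pattern even though it is 10 characters long.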