{"id":2390,"date":"2022-05-11T16:41:48","date_gmt":"2022-05-11T23:41:48","guid":{"rendered":"https:\/\/commons.royalroads.ca\/studentlife\/?p=2390"},"modified":"2022-05-11T16:41:48","modified_gmt":"2022-05-11T23:41:48","slug":"world-password-day","status":"publish","type":"post","link":"https:\/\/commons.royalroads.ca\/studentlife\/world-password-day\/","title":{"rendered":"World Password Day"},"content":{"rendered":"<p>Did you know that May 5, 2022, is <strong>World Password Day<\/strong>? Created by cybersecurity professionals in 2013 and designated as the first Thursday every May, World Password Day is meant to foster good password habits that help keep our online lives secure. It might seem strange to have a day set aside to honour something almost no one wants to deal with\u2014like having a holiday for filing your income taxes (actually, that might be a good idea). But in today\u2019s world of online work, school, shopping, healthcare, and almost everything else, keeping our accounts secure is more important than ever. Passwords are not only hard to remember and keep track of, but they\u2019re also one of the most common entry points for attackers. In fact, there are <strong>921 password attacks every second\u2014nearly doubling in frequency over the past 12 months<\/strong>.<\/p>\n<p><strong><u>Top Tips for World Password Day<\/u><\/strong><\/p>\n<p>If you look online, you\u2019ll see lots of lists of tips to help you use passwords more securely.\u00a0 I\u2019d like to save you all that looking\u2026here\u2019s <strong>RRU Cybersecurity\u2019s Top Tips for World Password Day:<\/strong><\/p>\n<p><strong><u>Use Passphrases<\/u><\/strong><\/p>\n<ul>\n<li>Passphrases are a string of words and possibly numbers, special characters or spaces.\u00a0 E.g. \u201cBarking up the wrong Tree\u201d<\/li>\n<li>The longer the passphrase, the better.\u00a0 Aim for a minimum of 15 characters. Because passphrases tend to be longer and they are (or should be\u2026) easier to remember, they\u2019re much more secure.<\/li>\n<li>Want to know if you\u2019ve chosen a passphrase the cybercriminals aren\u2019t aware of?\u00a0 Try it out at: <a href=\"https:\/\/haveibeenpwned.com\/Passwords\">https:\/\/haveibeenpwned.com\/Passwords<\/a><\/li>\n<\/ul>\n<p><strong><u>DO NOT Share Passphrases<\/u><\/strong><\/p>\n<ul>\n<li>When you share passphrases, the person(s) you\u2019re sharing with now becomes <strong>you.<\/strong>\u00a0 And, you have no control over how they secure the passphrase you\u2019ve just given them.<\/li>\n<li><strong>NEVER<\/strong> use your RRU passphrase anywhere except here at RRU.\u00a0 <strong>DO NOT<\/strong> use it when creating accounts, etc. external to RRU, even if they\u2019re work-related.\u00a0 Why?\u00a0 When the company holding your RRU passphrase gets hacked, cybercriminals now have access to your nice, long, secure passphrase and they\u2019ll use it in \u201c<strong>password spraying attacks<\/strong>\u201d\u00a0 Password spraying attacks have caused numerous breaches, including the CRA breach from a couple of years ago.<\/li>\n<\/ul>\n<p><strong><u>Use UNIQUE Passphrases<\/u><\/strong><\/p>\n<ul>\n<li>Yes\u2026 one passphrase per site \/ account is what we\u2019re recommending. If a service is breached and your password is exposed, cybercriminals may try it on another account.<\/li>\n<li>Use a <strong>Password Manager<\/strong> to help you get a handle on all of those passphrases.<\/li>\n<\/ul>\n<p><strong><u>Enable Multi-factor Authentication (MFA)<\/u><\/strong><\/p>\n<ul>\n<li>Multi-factor authentication means you not only enter a passphrase, but you add in a second factor\u2026 usually a code or a biometric like a fingerprint scan\u2026 as \u201cproof\u201d that it\u2019s really you trying to log in.<\/li>\n<li>Does it work?\u00a0 Microsoft reports that the <strong>use of MFA blocks<\/strong> <strong>99.9% of account compromise attacks.<\/strong><\/li>\n<\/ul>\n<p>As long as we\u2019re talking top tips, here\u2019s our <strong>Top Password Myths<\/strong><\/p>\n<p><strong><u>Passwords Need Complexity<\/u><\/strong><\/p>\n<ul>\n<li>By complexity, I mean including upper \/ lower case numbers, special characters, etc.\u00a0 While perhaps true when this was first proposed in the early 2000\u2019s, it is no longer the case.\u00a0 And, it makes your passphrase harder to remember.<\/li>\n<li>Adding \u201cspring\u201d, \u201cfall\u201d, the year or a number onto a current passphrase does NOT make it a new one.\u00a0 Current password cracking tools are not fooled by this.<\/li>\n<\/ul>\n<p><strong><u>I\u2019ve Got a Word\u2026<\/u><\/strong><\/p>\n<ul>\n<li>We often hear someone say they\u2019ve got a \u201cspecial word\u201d that is from some ancient dead language or another similar source that nobody will ever guess.\u00a0 Sorry, but if YOU know about it, someone else does too.<\/li>\n<li>Before you put all your trust in this \u201cspecial word\u201d, try it out at <a href=\"https:\/\/haveibeenpwned.com\/Passwords\">https:\/\/haveibeenpwned.com\/Passwords<\/a>\u00a0 You just may be surprised.<\/li>\n<\/ul>\n<p>Finally, try playing <strong>Password Bingo<\/strong> (attached).\u00a0 It\u2019s a great summary of good password hygiene practices.<\/p>\n<p>As always, you\u2019re free to share this information with friends and family.\u00a0 Got questions?\u00a0 Chat with a Cybersecurity Ambassador, or send an email to: <a href=\"&#x6d;&#97;&#x69;&#x6c;&#116;&#x6f;&#x3a;&#83;&#x65;&#x63;&#117;&#x72;&#x69;t&#x79;&#x41;w&#x61;&#114;e&#x6e;&#101;s&#x73;&#64;r&#x6f;&#121;a&#x6c;&#114;o&#x61;&#100;s&#x2e;&#99;a\">&#x53;&#x65;&#x63;&#x75;&#x72;&#x69;&#x74;&#x79;&#x41;&#x77;&#x61;&#x72;&#x65;&#x6e;&#x65;&#x73;&#x73;&#x40;&#x72;&#x6f;&#x79;&#x61;&#x6c;&#x72;&#x6f;&#x61;&#x64;&#x73;&#x2e;&#x63;&#x61;<\/a><\/p>\n<p><strong>REMEMBER: STOP! THINK! CONNECT<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Did you know that May 5, 2022, is World Password Day? Created by cybersecurity professionals in 2013 and designated as the first Thursday every May, World Password Day is meant to foster good password habits that help keep our online&#8230; <a class=\"more-link\" href=\"https:\/\/commons.royalroads.ca\/studentlife\/world-password-day\/\">Continue Reading &rarr;<\/a><\/p>\n","protected":false},"author":767,"featured_media":2391,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[6],"tags":[],"class_list":["post-2390","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-resources"],"_links":{"self":[{"href":"https:\/\/commons.royalroads.ca\/studentlife\/wp-json\/wp\/v2\/posts\/2390","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/commons.royalroads.ca\/studentlife\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/commons.royalroads.ca\/studentlife\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/commons.royalroads.ca\/studentlife\/wp-json\/wp\/v2\/users\/767"}],"replies":[{"embeddable":true,"href":"https:\/\/commons.royalroads.ca\/studentlife\/wp-json\/wp\/v2\/comments?post=2390"}],"version-history":[{"count":1,"href":"https:\/\/commons.royalroads.ca\/studentlife\/wp-json\/wp\/v2\/posts\/2390\/revisions"}],"predecessor-version":[{"id":2392,"href":"https:\/\/commons.royalroads.ca\/studentlife\/wp-json\/wp\/v2\/posts\/2390\/revisions\/2392"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/commons.royalroads.ca\/studentlife\/wp-json\/wp\/v2\/media\/2391"}],"wp:attachment":[{"href":"https:\/\/commons.royalroads.ca\/studentlife\/wp-json\/wp\/v2\/media?parent=2390"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/commons.royalroads.ca\/studentlife\/wp-json\/wp\/v2\/categories?post=2390"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/commons.royalroads.ca\/studentlife\/wp-json\/wp\/v2\/tags?post=2390"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}