The same thing happens when you log into an account that contains sensitive information. An electronic sentry pops up and asks for the password. It’s easy to treat passwords lightly – we have so many. But your passwords are just as important to your security as were the passwords that protected the villages of old.
When setting your passwords, keep in mind that advancements in technology have made it fairly simple to break easy passwords. Of the more than 48 percent of all data breaches that come from within an organization, most of them come from compromised accounts with easy passwords.
The University of Louisville’s Password Policy conforms to many of the federal, state and local regulations regarding password complexity with which the university must comply. To ensure you are in compliance with the university’s password policy, follow these simple steps:
- Make your password at least 8 characters long
- Use a mixture of letters, numbers and special characters
- Do not use dictionary words, names or interests of yours (e.g. your favorite sports team)
- Change your password often. A good rule of thumb is to change your password every 45-90 days.
When securing your password, you need to keep one thing in mind: Keep it private! A password alone is not the same level of protection as encrypting the sensitive information, but it is a good first step to being secure – especially if you are the only one who knows it.
As a university, UofL also falls under regulations and certain contracts that require user accounts not to be shared. From a personal standpoint, if you share your password and something maliciously is done under your account name, it will come back on you.
When creating the many passwords that you use for work and pleasure, there are a couple of thing to keep in mind:
- Do not share your passwords with anyone – You never know who you can trust and not trust.
- Use different passwords for your accounts – You do not want to use the same password for work, bank accounts, social media or your personal email. If one is compromised, all of your accounts can be accessed.
- Change your passwords periodically – If one gets compromised, the access will be lost once the password is changed.
- If you do not have a unique password for every account, at least have a “tier” approach where you use a different password for sensitive and non-sensitive accounts – For example, use the same password for Facebook and Twitter, but a different password for your bank account and credit cards.
Your digital profile is yours to keep. If it gets compromised, it can be a real headache to get everything sorted out. Use the tips above to stay in compliance with regulations the university falls under and to protect your personal identity.
If you have any questions about passwords or protecting yourself online, feel free to contact UofL’s Information Security Office.
(Editor’s Note: The is the second in a series of article for Compliance Awareness Week at UofL. Meet and talk to compliance personnel Tuesday, Sept. 27, at the HSC Quad, and Wednesday, Sept. 28, at the Red Barn. From 11:30 a.m.-2 p.m. each day, get free pizza and dessert, learn about compliance and your part in it and ask questions of UofL compliance officials.)