Feb 19 2021

4 Simple Steps to a Rock-Solid Password

Small adjustments can make a big difference in protecting your data and devices from threat actors.

Advanced persistent threat groups continue to target K–12 schools, prompting the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) to urge all school leaders to strengthen user passwords to guard against misuses, which have grown in prevalence with distance learning in place nationwide.

One method bad actors use to get their hands on student and teacher passwords is known as “password spraying.” This is a brute-force attack that applies a single, commonly used password against many accounts. Because each account sees only a few attempts, cybercriminals can remain undetected by avoiding rapid or frequent lockouts.
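From the defender's side, the pattern described above is visible only when failed logins are counted per source rather than per account. The following is an added example, not part of the original article; the log format, addresses, thresholds and function names are constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample events: timestamp, source IP, account, outcome (not real data).
SAMPLE_LOG = """\
2021-02-19T08:00:05 203.0.113.7 asmith FAIL
2021-02-19T08:00:41 203.0.113.7 bjones FAIL
2021-02-19T08:01:17 203.0.113.7 cdavis FAIL
2021-02-19T08:01:52 203.0.113.7 dlee FAIL
2021-02-19T08:02:30 203.0.113.7 egarcia FAIL
2021-02-19T08:03:02 198.51.100.4 fkhan FAIL
2021-02-19T08:03:45 198.51.100.4 fkhan OK
"""

LOCKOUT_THRESHOLD = 5            # assumed per-account lockout policy
MIN_ACCOUNTS = 5                 # assumed: distinct accounts failed from one source
WINDOW = timedelta(minutes=30)   # assumed look-back window

def parse(log):
    """Turn log text into (time, source, account, outcome) tuples."""
    rows = (line.split() for line in log.splitlines())
    return [(datetime.fromisoformat(ts), src, user, res) for ts, src, user, res in rows]

def locked_accounts(events):
    """Accounts that a per-account failure counter alone would lock."""
    fails = Counter(user for _, _, user, res in events if res == "FAIL")
    return {user for user, n in fails.items() if n >= LOCKOUT_THRESHOLD}

def spray_sources(events):
    """Sources with failures against >= MIN_ACCOUNTS distinct accounts inside WINDOW."""
    by_src = defaultdict(list)
    for ts, src, user, res in events:
        if res == "FAIL":
            by_src[src].append((ts, user))
    flagged = {}
    for src, fails in by_src.items():
        fails.sort()
        start = 0
        for end in range(len(fails)):
            while fails[end][0] - fails[start][0] > WINDOW:
                start += 1          # slide the window forward
            users = {user for _, user in fails[start:end + 1]}
            if len(users) >= MIN_ACCOUNTS:
                flagged[src] = sorted(users)
                break
    return flagged

if __name__ == "__main__":
    print(locked_accounts(parse(SAMPLE_LOG)), spray_sources(parse(SAMPLE_LOG)))
```

On the sample data no account reaches the lockout threshold, yet one source is flagged for failing once against five different accounts, while the user who mistyped a password and then logged in is not.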

Here are some best practices for choosing (or upgrading) your passwords:

1. Choose a Passphrase Instead of a Password

Long, complex passwords are more secure, but they’re also hard to remember. Try a passphrase with eight or more characters using a combination of special characters, uppercase and lowercase letters, and numbers (“Footba!!4theGreate5tC1uB,” for example).

2. Make a Different Password for Every Account

The password you set for each application should be unique. Hackers often obtain credentials from lists published on the internet that were harvested from systems vulnerable to attack, so using the same password everywhere could present an easy target.

3. Use a Password Manager

Not only does the software help securely store and retrieve passwords, but it also generates long, complex passwords unique to each account. Some managers use the cloud for access from any device. Create a strong phrase for your master password and secure it with multifactor authentication.

4. Consider Alternatives to Traditional Passwords

Some vendors have introduced passwordless authentication for greater security. A typical setup involves two parts: a physical item (such as a security key or smart card), plus a biometric gesture (such as a fingerprint or retinal scan) or a PIN stored locally.


Illustration by LJ Davids