ITS Security Tip of the Week: Examples of Password Exploits

Protecting sensitive data is everyone’s responsibility, to increase awareness of careless online habits and assist in creating good practices ITS encourages you to review these weekly tips.

 

Password security is one of the weakest links to accessing data.  There have been many examples of data breaches involving passwords, for example phishing emails are when a user provides the password willingly, key loggers installed on computers that will capture passwords without the users knowledge, cyber attackers using password crackers to capture and break passwords, or the largest number of passwords and login credentials are stolen from databases for instance Sony BMG Music, Sony Pictures, Facebook, Gmail, and Sony Play Station (PSN) to name a few of the recent breaches.

 

What can you do to protect your login information? 

·       When possible create a login name that is unique and is not your name, account number, or other information directly linked to you.

·       Always create a strong password, no dictionary words, use upper & lower case, special characters, no less than 8 characters – the longer the better, but most importantly something you can remember and not write down.

·       Create different usernames and passwords for the various accounts you subscribe to.  The reason you need multiple user names and passwords is because if a Hacker gets your account information it can be used to gain access to all your accounts using the same password.  For example with the Sony breach mentioned above they found that 92 % of the users had the same password across the accounts.  Read the eWeek article Therefore, the login credentials you use for Facebook should not be the same one you use for your bank account.

 

Refer to the UH askus on compromised UH Usernames http://www.hawaii.edu/askus/1064

 

Please contact the ITS security team at infosec@hawaii.edu for more information or if you have any questions about the security of your personal information.

 

An archive of weekly ITS Security Tips is available at: http://www.hawaii.edu/askus/1359