Information Security and Privacy Office

Protect.....

Your Family

Your Privacy

Safeguarding Y​our PCs and Devices

​Your Identity

 

 

Passwords

Why They're Important

Passwords give you (and others) access to your computer account, your information, and your identity -- just like keys give you (and thieves) access to your home, your car, or you safe deposit box.

Picking Strong Passwords

When it comes to passwords, longer is stronger. For example, Phoenix15Sunny is a much stronger password than Sun-5h1ne! even though it doesn't have any special characters.

Here are three strategies to pick a strong password.

  1. Make it long and complex — Include upper case, lower case, punctuation, symbols, and numbers.
  2. Use different passwords — Make work password different from banking which is different from social media which is different from email which is different from your spouse’s password.
  3. Change passwords often — Change passwords on your high-risk accounts (like banking) at least every three months.

Phishing

Why It's Important

Phishing is an attempt to trick you into divulging personal information such as credit card numbers, account usernames and passwords, and social security numbers.

Almost every recent, major data breach started with a phishing email.

Recognizing Phishing

Most phishing attempts are via email and instant messaging. A typical phishing email may appear to come from your bank or a delivery service. The "spoofed" emails look very authentic with company logos, and they contain links to authentic-looking websites.

Protection Strategies

Don’t get phished! Here are five protection strategies to prevent becoming a victim.

  1. Be skeptical of all emails — If you don’t recognize sender, chances are this email is either some form of unsolicited spam or it is a phishing email.
  2. Be wary of links and attachments — If you do open the email, don’t click on links or download images or attachments. Links may take you to malicious websites. Images and attachments could contain malicious software. Be especially wary of emails with sensational headlines or offers to see naked pictures of celebrities.
  3. Ignore commands and requests for action — If the email is urging you to do something now, stop and think before you fall into their trap. If it’s too good to be true or seems too farfetched, it probably is.
  4. Check out the link — Discover where a link actually goes. With your mouse, hover over the link and look at the bottom left corner of your browser window. There you should be able to see the exact URL that you will be directed to if you click on the link. If this link shows as an IP address, such as 192.168.1.1, you probably don’t want to click on the link.
  5. Use the phone — If you get a questionable email or instant message, give the sender a call to verify it. And use a phone number from the phone book or other published source, not one within the message.