Once upon a time there lived a beautiful princess who loved her charming prince more than life itself. The princess embodied kindness and sweetness; and the prince was the definition of charming. They were the perfect couple who had nothing but the utmost respect for the other. The kingdom also loved both of them because they had yet to do anything to prove that they were bad people. But then, on a dark day, which has been known as “Stupid Day” since then, the couple had a small argument. The small argument escalated quickly to a fight, and then to a trial separation, and then a real separation, and then finally a breakup. The couple that everyone thought would be together forever was broken. The kingdom started to get antsy, for they didn’t know how much of their information the prince had shared with the princess. For you see, the princess was not the ruler of their kingdom — the prince was.
The kingdom proved to be right in worrying about their information, as their prince had shared his password with the princess. And these four letters (for his password was “frog”) proved to be the downfall of the entire kingdom. The prince had only one password for all of his accounts, and because the princess wanted some retribution for their breakup, she decided to ruin the prince’s life.
She used his simple password to log into his special prince account, which held all of the private information of everyone in the kingdom. And then, she logged onto his Facebook account, and posted this information to the public. Then, she changed his status to “!_m@stupidFR0G — I’m a stupid frog — for it is my password now.” Because all of this information was on his Facebook account (and they assumed that their prince would have been smart enough to have a good password and not tell anyone it) they thought that the prince had ruined all of their lives by exposing all of their personal information. They wouldn’t listen to the prince’s pleas, and they all decided that he needed to be punished, for the people had turned on each other, as well as on their king — their happy, peaceful kingdom had disbanded into a dystopia. The king was dethroned and thrown into the fiery mouth of the local dragon.
Don’t be a stupid frog.
- Don’t share your password.
- Don’t use an easy to guess password.
- Don’t use only one password for all of your accounts.
Your identification can be stolen. All of your information can magically disappear. Someone can masquerade as you. Your secrets can be spilled. You bank account can be wiped. Your credit ruined. You can be dropped from all of your classes (yes, it’s actually happened at USF!). Someone can do something illegal, using your information, and you can get blamed. These are only some of the terrible things that can happen.
Be smart about your password!!
October is National Cyber Awareness Month, http://blogs.usfca.edu/its/2012/10/17/cybersecurity-awareness-month-enroll-in-sth-training-today/ and maybe you should change your personal passwords to remember the holiday. This is not to say that you should only change your passwords once a year. USF makes you change their password every six months. Other service providers and situations have three month durations.
What makes a good password?
- A combination of uppercase and lowercase letters
- Special characters
- Using different passwords for different websites and applications
If you have trouble remembering all of your passwords, an option is to download an application on your smartphone called Password Keeper or Password Manager. This is basically an encrypted application, which stores all of your passwords. As long as you remember one password, you can access all of your other passwords on your phone. When you sync your smartphone to your laptop, the information will stay encrypted through the password. There are many different types of Password Managers, so you make sure that you don’t fall for a scam. Look at the security measures that the application is using, and read the online information and reviews of the application. An example of one of these applications is DataVault. Although Password Managers are a good option, there are always risks, and if possible, you should avoid using one.
A browser cache is when you click “remember my password” on a website. This is even less recommended, because malware can get to your password if you get a virus. But it’s also an option.
If you forget your USF password, you can go to USFconnect and click on my account. It literally takes like three clicks to change it. For more information see our USFanswers solution USFconnect Password refresh information. The problem with this online method is that all a hacker needs to change your password is your USF ID number and your birthday. So if you advertise these (*cough* Facebook *cough*) then you should probably call the ITS Help Desk and ask them to disable this self-service password reset feature for your account. That way, the only way that you can change your password is by calling the ITS Help Desk directly.
Here’s a good way to create your password so that you can remember it later. First think of a phrase, saying, or quote that is memorable to you. So for example if you find this quote from the famous movie “Titanic,” to be ironically memorable, you would use the quote “I’ll never let go, Jack. I promise.” The next step is to extract the first letter from each word. So it’ll be “inlgjip.” Then, decide which letter(s) you want to capitalize and slap on a couple of numbers. But make sure not to make the numbers too obvious. They shouldn’t hold real significance. So they shouldn’t be anyone’s birthday or favorite number. But perhaps they can be the jersey numbers of your favorite baseball players. So our password would end up being “inlgjiP26.” That looks very complicated, doesn’t it? But it’s going to be easy for you to remember. Here’s some more information if you want more details on this process see the USFanswers solution How to: Understand Password Protection.
And no, this isn’t my actual password, so don’t even bother trying.
What are you waiting for — go change your password!
Information Security Awareness Video & Poster Contest
If you’re an artsy type, and want to try your hand in creating a promotional video or flyer for Cyber Awareness Month, visit http://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-initiative/community-engagement/information-security-awareness — you could win $2000!