Strengthen Your Passwords with Three Simple Tips: A strong password follows ALL THREE of these tips. 1. Make them long At least 16 characters—longer is stronger! 2. Make them random Two ways to do this are: Use a random string of mixed-case letters, numbers and symbols. For example: * cXmnZK65rf*&DaaD * Yuc8$RikA34%ZoPPao98t Another option is to create a memorable phrase of 4 – 7 unrelated words. This is called a “passphrase.” For example: * Good: HorsePurpleHatRun * Great: HorsePurpleHatRunBay * Amazing: Horse Purple Hat Run Bay Lifting Note: You can use spaces before or between words if you prefer! 3. Make them unique Use a different strong password for each account. For example: * Bank: k8dfh8c@Pfv0gB2 * Email account: legal tiny facility freehand probable enamel * Social media account: e246gs%mFs#3tv6 PRO TIP: USE A PASSWORD MANAGER It’s hard to remember all these strong passwords and we don’t want to save them in a file on a computer. Instead, use a password manager. For most people, generating and remembering long, random and unique passwords for every account is not possible. Rather than write them down, use a password manager! A password manager is an easy-to-use program that generates, stores and even fills in all your passwords. Password managers tell us when we have weak or re-used passwords and can generate strong passwords for us. They can also automatically fill logins into sites and apps as we move from one to another. When we use a password manager, we only need to remember one strong password—the one for the password manager itself. (Tip: Create a memorable long “passphrase” as described above.) There are many password managers to choose from. Some are free, like the built-in password managers in your web browser, and some cost money. Search a trusted source for “password managers” like Consumer Reports, which offers a selection of highly rated password managers. Read reviews to compare options and find a reputable program for you. When we use a password manager, we are much more likely to use a long, random and unique password on every site. And that makes it much harder for someone to steal our valuable information! PRO TIP: Check to see whether your email accounts, banks, healthcare providers and other important accounts enforce strong password requirements. If they let you use a short password or a dictionary word, ask them why. It’s your information they’re putting at risk! How often do I change my password? If your password is long, unique and complex, our recommendation is that you don’t need to ever change it unless you become aware that an unauthorized person is accessing that account, or the password was compromised in a data breach. This recommendation is backed up by the latest guidance from the National Institute of Standards and Technology<https://pages.nist.gov/800-63-3/sp800-63b.html>. For many years, cybersecurity experts told us to change our passwords every few months. However, this constant change isn’t helpful if your passwords are each long, unique and complex. In fact, if you change your passwords often, you risk reusing old passwords or falling into bad habits of creating similar or weak passwords. Stop Online Crime with Strong Passwords 0 YouTube link: https://youtu.be/FZoB7yUGh7Y Secure Our World Resources & Cybersecurity Awareness Month 2024 Toolkit https://www.cisa.gov/resources-tools/resources/secure-our-world-resources-cy... James Hale, ARM-P, ARM-E Risk Control Consultant County Risk Sharing Authority 209 East State Street Columbus, OH 43215 614.246.1630 FAX 614.220.0209 “ The leader in providing Ohio Counties with exceptional value, service, and protection of assets.”