![]() Similarly, if a password was shared for some reason, reusing that password could allow someone unauthorized access to your account. If a user account was previously compromised, either knowingly or unknowingly, reusing a password could allow that user account to, once again, become compromised. When changing an account password, you should avoid reusing a previous password. The ISO has vetted some password managers that meets these requirements. Using a password manager to store your passwords is not recommended unless the password manager leverages strong encryption and requires authentication prior to use. In cases where it is necessary to write down a password, that password should be stored in a secure location and properly destroyed when no longer needed (see Guidelines for Data Protection). Do not write your password down or store it in an insecure mannerĪs a general rule, you should avoid writing down your password.The use of blank spaces also makes a password more difficult to guess. It is important to note the placement of numeric and symbolic characters in this example as they prevent multiple words from being found in a standard dictionary. For example, the passphrase “My passw0rd is $uper str0ng!” is 28 characters long and includes alphabetic, numeric and special characters. Passphrases typically have additional benefits such as being longer and easier to remember. A passphrase could be a lyric from a song or a favorite quote. After resetting your password, report the incident to your local departmental administrator and/or the Information Security Office at Consider using a passphrase instead of a passwordĪ passphrase is a password made up of a sequence of words with numeric and/or symbolic characters inserted throughout. Be sure to change your password from a computer you do not typically use (e.g. If you suspect someone has compromised your account, change your password immediately. Change your password upon indication of compromise.An alternative to doing this is to create a new account with an appropriate level of access for the repair person. ![]() Passwords should not be shared even for the purpose of computer repair. For example, Microsoft Exchange calendar will allow a user to delegate control of his or her calendar to another user without sharing any passwords. In situations where someone requires access to another individual’s protected resources, delegation of permission options should be explored. Passwords should not be shared with anyone, including any students, faculty or staff.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |