The Power of Strong Passwords

As Cybersecurity Awareness Month begins, the Department of Information Technology reminds the community that strong passwords remain one of the most effective defenses against cyber threats. 

Attackers target accounts every single day, and passwords are often the first weakness they exploit. Once stolen, a single password can unlock multiple accounts, putting your personal, academic and financial information at risk. Creating strong, unique passwords and effectively managing them is the simplest way to protect your digital identity. Here are some common myths to watch out for and the steps you can take to keep your accounts safe.

Myths vs. Facts: What You Need to Know

Myth: Adding a single number or symbol makes my password secure.
Fact: Strong passwords rely on length and complexity, not simple changes.

Hackers run programs that test billions of passwords every second. Simple or predictable logins are guessed almost instantly. The safest option is to use long, unrelated passphrases of 12 or more characters.

Myth: Reusing the same password across accounts saves time.
Fact: Reused passwords give hackers access to multiple accounts.

If one account is compromised, attackers try the same password across many other sites until they find a match. The best defense is to use a unique, strong password for every account.

Myth: Writing my password on paper is safer than saving it digitally.
Fact: Passwords on paper can be stolen just as easily as online ones.

A sticky note, notebook or photo of your login credentials is all an attacker needs. A better option is to use a password manager to generate and securely store unique, encrypted passwords. Password managers will also flag reused passwords and alert you if any of your passwords are found in a known data breach.

Myth: Personal details make a password easier to remember and safer.
Fact: Personal details are predictable and often the first thing hackers try.

Details like birthdays, addresses or pet names are easy for hackers to find on social media or public records. Instead of using details tied to your life, create a password from unrelated words or phrases that are not connected to your personal life.

Myth: IT might need my password to fix a problem.
Fact: No Seton Hall employee will ever ask for your password.

Any such request is a scam designed to steal your credentials. Sharing your password could give attackers full control of your email, financial accounts or academic records. Never share your password over email, text, phone or chat.

Guidelines for Choosing a Strong Password

1. Use at least 12–14 characters.
2. Combine uppercase and lowercase letters, numbers and symbols.
3. Make it memorable for you but difficult for others to guess. Consider using a random passphrase such as, "PurpleTrain$Wind#w7".
4. Use a different password for every account you create.

If you think your password has been compromised, contact the Department of Information Technology by submitting a service desk ticket on the Technology Service Desk portal. By staying alert and practicing smart password habits, you can keep your digital life secure and stay two steps ahead of cyber threats.

Categories: Science and Technology