CHOOSE A PASSWORD
It goes without saying that online security is no joke. And despite all the sophisticated security layers we integrate into our website, all the hard work can be undone with something as simple as a weak password.
Learning to create and manage strong passwords is crucial for protecting your own privacy and for securing Encounter Youth’s online presence and office intranet.
Length is strength.
The secret to a strong password is a LONG password.
Think: 8 or more characters. More is better.
Your password should include the following:
• Uppercase and lowercase letters
• Symbols like ! ? $ % @ ^ _ and &
That doesn’t mean you have to try remember something like:
Something like this is very strong and relatively easy to remember:
It’s twenty characters long, and includes uppercase and lowercase letters, and numbers and symbols.
So, do these four things:
1. Think of a memorable phrase that’s more than 8 characters long.
(It goes without saying, don’t use known songs and rhymes, etc.)
2. Start each word with an uppercase letter.
3. Throw in a number.
4. Connect the phrases with a symbol.
Best Practices for Secure Passwords
1. Don’t use the same password on every account.
Have one password for your office intranet, one for your email and social media, one for other personal accounts and an entirely separate one for your bank accounts.
2. Never save your passwords in plain text.
Passwords saved in Excel, Word or any other plain text format can easily be hacked. Record your passwords in a little “black book” and keep it in a safe place at home. Write your passwords in pencil so it’s easy to record changes and tell your partner or parents where to find your notebook should a situation arise where you need someone else to access this information.
3. Use two-step verification where possible.
Although it’s not possible in the office intranet environment, enable two-step verification on your personal accounts whenever available.
4. Avoid password managers.
Password managers are convenient … until you need to change your passwords 😉 . More importantly, password managers are not infallible and can be hacked.
5. Never send a password via email.
If you need to send a password electronically, send your login details in two different formats and send the most sensitive information via mobile text message. For example, send the username by email and the password by SMS.
Regularly check whether your email has been pwned*
Email is one of the most insecure platforms and it’s worth checking regularly to see whether your email has been compromised.
A great tool to do so is the following website:
If you find that your email has been compromised, you should change your passwords at all relevant platforms.
*The term pwned comes from the misspelling of the word “owned”, which in online gaming means to be conquered or subdued. (A designer in the online game Warcraft made the error, and the misspelling has taken on a life of its own.)