Cyber Safety: Keeping Your Passwords Secure
Did you know hackers try attacking over 2000 times a day?! That means there is a cyber attack every 39 seconds! And, I was almost a victim.
Everything has an account with a password. You download an app, create an account. You try to access a website, create an account. You check student loans, create an account. We’ve been constantly told to create strong passwords and warned about phishing scams disguised as trustworthy entities to obtain our information. But it gets exhausting thinking up new and unique usernames and passwords to stay digitally secure.
As the number of my accounts grew, I got lazier and lazier creating new logins. I began using previously made passwords and slightly altering them, exchanging a character here and there with a capital letter. If I was feeling really lazy, a single number would be added at the end. After a while, I would get frustrated. I could never remember which password variant was paired with which account. Was it Weber2020 or weBer2020 for my Twitter? Or did I use one of them for my Instagram?
It got to the point where I was using the same password for most of my accounts. A singular go-to password made it easy to create new accounts or log into old accounts without a blink of an eye. I had the mindset that it didn’t matter. I didn’t have anything to steal. So, I didn’t worry about repeating my password time and time again until I got tricked by a phishing email and changed my ways.
The Day I Went Phishing
I was sitting at a desk in Stewart Library, waiting for time to pass before my next lecture. Hearing a chime, I looked up to see a new email in my inbox. Click. I quickly scanned the contents and saw it was a survey on environmental change being conducted by the university. Click. A new tab loaded with an eWeber portal login page. Typing. Click. Seconds later, I heard another chime. Again, I saw a new email—this time from Weber State’s IT Department. Click. Opening it, I read “We have become alerted to a phishing attempt that is occurring.“ I realized what I had done. A phishing scam had just played me using a fake eWeber portal login page.
Panic started to set in. Almost all my passwords were the same. The individual(s) behind the phishing scam had the potential to access every one of my accounts, not just my student eWeber account but online stores, banking information, etc. With each account, there was an increased chance of my personal information being stolen: residence address, important dates, identification numbers, banking information. I quickly began changing my passwords, starting with my eWeber account, followed by my bank account, FASFA, social media, and any store websites I frequented.
For days, I watched my accounts for suspicious activity. I was changing my passwords at least once a day, sometimes twice. Thankfully nothing happened after I accidentally clicked on the phishing scam, but it got me to be more cautious regarding my accounts.
Creating A Strong, Secure Password
I have tried to create better password habits after my incident with the phishing scam, but it doesn’t always happen. Creating unique passwords for 50+ accounts is overwhelming. Not to mention remembering all of them. I started by eliminating some accounts. Once I had decided which accounts I really needed, I used the following six tips to create stronger passwords.
- Password length between 8 and 12 characters
- Use a mixture of uppercase and lowercase characters
- Use a mix of letter and number characters
- Use unique characters, if allowed
- Don’t use important dates or identifying numbers
- Don’t use proper names or words
My passwords were stronger; however, I can't take all the credit. Instead of repeating the same password, I now used a password generator from time to time to create my strong passwords.
Using Password Managers
Sadly, even though my passwords were stronger, I still had issues remembering them. So, this year I began exploring password managers. Finally, it was time: no more random papers or notes in my phone. Instead, I wanted a secure location I could trust to remember my accounts when my memory did not.
Over the past few months, I scoured the internet to find the best and most college student-friendly password managers. But don’t worry, I didn’t pay for all of them, and you don’t need to either!
I came to find that the internet applications such as Google Chrome, Microsoft Edge, and Safari have password managers ready to use. To check if your browser is properly equipped, go to the settings menu and search ‘‘manage passwords.” A page with usernames and passwords of frequently visited accounts will be generated and saved for the future.
With one internet search, you can also find a multitude of password managers being advertised. Most password managers I found have a free version and expandable versions available for purchase. But which one is the best? That’s where my testing came in! Of those tested, below are my top choices of password managers based on pricing, ease of use, platforms, and overall design.
- LastPass. Password Manager & Encryptor
- Bitwarden. Password Manager
- KeePass. Open-Source Password Manager
- Dashlane. Password Manager & Digital Wallet
You can be sure that any choice here is safe when used correctly. However, I encourage you to do your own research.
Borrowing Computers & Passwords
Password protection extends even to borrowed computers. There have been many times I haven’t had my laptop on campus, or it has died on me halfway through writing a paper. In a pinch, I might ask a course peer to use their computer or make my way to a campus computer lab. Before, I wouldn’t have given a thought to logging into a random computer. Now, I make sure that I take steps to protect my personal information when using an unknown computer. It might not be a scammer walking through the computer lab, but there is a chance another user can access your account. Take precautions by following these tips to ensure your digital safety:
- Never save your passwords on other computers
- Never leave the computer unattended
- Make sure to log out of your account before clicking the exit button
Reach out to WSU’s very own IT Division and their Safe Computing resources if you have questions about your computer or digital security. Protect your passwords and stay digitally safe. I encourage you to change your passwords if they are all the same. Don’t get scammed like me!
Make an appointment with an Academic Peer Coach today! You can make an appointment through TutorTrac, or you can reach out to us at firstname.lastname@example.org. We’d love to hear from you!
Sobers, R. (2021, March 17). 134 Cybersecurity Statistics and Trends for 2021. Retrieved from https://www.varonis.com/blog/cybersecurity-statistics/
WSU Informational Technology. (n.d.). Safe Computing. Retrieved from https://www.weber.edu/help/kb/safecomputing.html#strongpassword
About The Author
Alexis (she/her/s) is an Academic Peer Coach and a recent WSU alumnus with Bachelor's Degrees in Microbiology and Zoology.
Back to Blog