Tips to ensure your online accounts are protected

Kentucky School Advocate
October 2020

By Matt Wells

KSBA Technology Manager

October is National Cybersecurity Awareness Month. While securing our personal data is a year-round commitment, we reserve this month to hit refresh on the simple ways we can ensure a safe online experience. In a recent survey of Kentucky’s school board members, superintendents and other district staff, approximately 90 percent indicated they use more than one internet-connected device in their personal and professional lives – desktop and laptop computers, tablets and smartphones. As these devices have become more sophisticated and intuitive, so have the malicious efforts to compromise your information.

How can I immediately make my user account(s) more secure? Practice good password habits.

In the age of instant-everything, we are often tempted to take shortcuts with our passwords for email and e-commerce accounts. Simple, short combinations of words and numbers make it easier for us to log in. It also makes it easier for hackers to access your accounts and wreak havoc, from locking you out to stealing your identity. Here are some recommendations for strengthening your login credentials:

Memorable is vulnerable. Your use of a birthday, anniversary, pet’s name or favorite beach destination make it much easier for you to remember your password. It also makes it much easier for the bad guys to guess your password. Consider this – are you leaking clues about your passwords in your social media posts? “Happy 10th Birthday to my daughter Amy! Can’t wait to celebrate tonight.” You’ve just told everyone with access to your social media account (which could be the entire Internet, based on your security settings) your child’s name and birthday, common components of an easy to guess password. Consider instead using a combination of numbers, upper and lower case letters, and special characters that don’t contain significant personal meaning to you.

Passwords should be like snowflakes. Use a unique password for EVERY account. No matter how many email accounts, apps or memberships you accumulate, each one of them should have a unique password. Using the same password across multiple accounts is one of the easiest ways for hackers to gain access to your information. It would be like a burglar getting his or her hands on a master key for the entire neighborhood!

Multi-factor authentication is worth it. Take advantage of your accounts and apps that make use of multi-factor (sometimes known as two-factor) authentication. That’s when account holders are required to prove their identity by providing extra information besides just a password. That might mean receiving a text alert with a special code, using an authenticator app to generate a random passcode or responding to a system-generated email. A few extra seconds can save you from the lifetime of headaches caused by identity fraud.

Great advice, but this is impossible! I’m supposed to use hard to remember passwords, make each one unique for every single login and use multi-factor authentication?

Consider using a password-manager application (such as 1Password or LastPass) to help manage all of this. They can be used to generate random passwords, remember your credentials for you, and in many cases even auto-fill your login information on the websites you use. Plus, your credentials are encrypted in a way that makes them very secure.