Sharing passwords is NOT okay

Oct 11, 2018 | News

You have an important meeting that starts in 10 minutes—and you’re nowhere close to work.

You decide to teleconference in, but realize you need a critical document that’s on your work computer for the discussion. You decide to call a trusted co-worker and give her your network password so she can retrieve the information. And when you arrive at work you change your computer password so it stays a secret. You think that no harm is done.

A week later you have a meeting with your manager. You’re informed that the IMITS Cybersecurity team flagged your computer account for inappropriate access to personal information that you have no business accessing. You’re shocked: you know you didn’t do it and told her so. You think, “How could this have happened?” and then remember sharing your password with your co-worker. Was this trouble is related to that?

Never EVER share your password.

In this scenario it was Cyber Thief Sam—not your co-worker—that impersonated you.

Cyber Thief Sam happened to be close enough to overhear the conversation between you and your co-worker. He watched as your co-worker wrote down your password on a sticky note and walked over to your computer to log in. Unbeknownst to you, your co-worker left the sticky note on his desk while he went on break, and that’s when Sam took the opportunity to steal your password, log in as you, and gain access to all that unauthorized personal information.

IMITS Information Security says:

You are the only person responsible for all activities performed with your username and password.

If you need a new password because you feel your current one is no longer a secret, here are some tips:

  • Consider using spaces - Ex. Instead of "ihave1dog", make it "i have 1 dog"
  • Consider using misspellings - Ex. Instead of "ilove2eatthat", make it "iluv2ettht". Non-dictionary words make it more secure.
  • Consider using long and complex passphrases, instead of a password - Ex. Instead of "2dogs1cat", add punctuation, capitalization, spaces and misspellings to make it "I own 2 dggs, and 1 caat!"
  • Consider enabling two-factor authentication (if applicable). Many social media and email accounts provide this feature.

Research shows that a computer will take two centuries to guess a password if it has twelve characters.

The moral of the story?

Don’t share passwords; you never know where Cyber Thief Sam might be lurking next. And when it comes to creating new passwords, remember that longer is stronger.

Related Articles

Add new comment