Celebrating 20 Years of Cybersecurity Awareness!
WELCOME TO CYBERSECURITY AWARENESS MONTH 2022
Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace.
This year’s campaign theme — “See Yourself in Cyber” — demonstrates that everyone is responsible for their own online behavior. This October we’ll focus on the “people” part of cybersecurity. Each week we will share information and resources to help educate you so you can make smart decisions whether on the job, at home or at school – now and in the future.
Week 2: Password Management
Welcome to Cyber Awareness Week 2. This week the theme is Password Management. Our goal this week is for you to consider your password hygiene and how you might improve it. Also, we are excited to share our version of a New York Times cyber awareness crossword puzzle. Good luck, let us know how you do!
Passwords are the key to your online identity. Between work and personal life, the average internet user has dozens, if not closer to 100 of password-protected accounts. In a recent Last Pass survey, it was determined that SMB employees use the same password an average of 14 times.
Reused passwords represent a huge risk as someone with access to one set of stolen or compromised credentials could use them to hack into other accounts. To keep your passwords safe from cybercriminals and reduce your cyber risk, see our resources and tips below.
An estimate of almost 10% of people have used at least one of the 25 worst passwords on this year’s list, and nearly 3% of people have used the worst password, 123456.
123456 | 123456789 | Qwerty | 12345678 | 111111 |
1234567890 | 1234567 | password | 123123 | 987654321 |
7777777 | 1q2w3e4r | 654321 | 555555 | 3rjs1la7qe |
1q2w3e4r5t | 123qwe | zxcvbnm | 1q2w3e | |
Qwertyuiop | Mynoob | 123123 | 666666 | 987654321 |
Did you know?
53%
of people rely on their memory to manage passwords.
51%
of people use the same passwords for both work and personal accounts.
57%
of people who have already been scammed in phishing attacks still haven’t changed their passwords.
33%
of account-compromised victims have stopped doing business with companies and websites that leaked their credentials.
Password Best Practices
7 Tips to Make Your Digital World Safer
Activities and Resources
- Check if your passwords have been exposed in a data breach.
InfraNet Cyber Awareness Crossword Puzzle
#InfraNetCyberAwareness
Instructions
- Click a cell on the crossword grid, or click a clue
- Click twice on a cell to toggle between across and down
- The active cell is highlighted in blue
- Start typing in the word
- Hit enter when you are done typing in the word
- The word will turn green or red if you got it right or wrong
- You can use the tab and shift-tab keys to move around the crossword, and the arrow keys
Week 1: Enable Multi-Factor Authentication (MFA)
You need more than a password to protect your online accounts and enabling MFA makes you significantly less likely to get hacked.
Did you know?
81%
of breaches are caused by credential theft
99.9%
less likely to be compromised if you use MFA
73%
of passwords are duplicates
What is MFA?
Multi-factor authentication (MFA) is a multi-step account login process that requires users to enter more information than just a password. Along with a password, users are required to use a second or even a third form of authentication which can help prevent unauthorized account access if a system password has been compromised.
Passwords and PINs are the most common forms of single-factor authentication. MFA adds a layer of security by requiring two or more pieces of information—that is, multiple factors— during the authentication process.
Why is MFA Necessary?
In today’s digital world, both businesses and individuals store sensitive information online. A breach or misuse of this digital information can have serious consequences such as financial losses, business disruption, loss of reputation and so much more. According to an often-quoted study by Microsoft Research, “The average user has 6.5 passwords, each of which is shared across 3.9 different sites. Each user has about 25 accounts that require passwords, and types an average of 8 passwords per day.”
Credentials remain one of the most sought-after and easiest pieces of information for hackers to steal. Simply put passwords alone do not provide enough protection for digital assets. With so much at stake, why risk becoming a victim of password theft? Multi-factor authentication offers an additional layer of security between the user and the application/account they are trying to access by requiring two or more separate steps to verify their identity. MFA prevents unauthorized users from accessing these accounts, even when the password has been stolen.
How Does MFA work?
When a user registers an account, they can enable MFA by providing multiple forms of ID. The system then stores this ID and user information to verify the user when they login to the account. The login is a multistep process that verifies the ID and user information along with the password. The process includes:
Registration
A user creates the account with a username and password (also known as credentials). They then link other items that uniquely identify them such as their cell phone number or email address.
Authentication
When a user logs into an MFA enabled account, they are prompted for their username and password (the first factor – what they know), and an authentication response from their MFA device (the second factor – what they have).
If the system verifies the password, it connects to the other items. For example, it may send a numerical code to the cell phone.
Reaction
The user completes the authentication process by verifying the other items. For instance, they might enter the numerical code they received on their phone into the system. The user will gain access into the system only if all of the information is verified, username, password, phone number, code, etc.
Activities & Resources
Check out this infographic: