End the Password Hassles: Tips and Tools for Stronger, Smarter Passwords
Passwords might be the starting point for basic cybersecurity, yet they are also one of the most frustrating aspects of protecting our digital lives. Few enjoy receiving a password reset notification in the midst of their work. Although we appreciate the importance, we’d rather ignore it altogether.
This is understandable, but makes the job of a cyber attacker easier. Luckily, there are a few ways we can lessen the pain, and tighten up our security game.
Your new password must meet the following criteria:
- Does not match previously used password
- Must be 15 - 128 characters in length
- Avoid dictionary words (e.g. Buckeye, Carmen, Brutus)
- Password may not contain Full Name, Given Name, Surname
- Password may not contain the character sequence '.@'
Password Managers
These services generate, store, and manage complex passwords for various accounts. They encrypt your logins and ensure that you have unique passwords for each online account, making it easier to maintain strong security without having to remember multiple passwords. Some services also allow you to share your passwords with family members so you can keep all those streaming services streaming. Big-tech platforms also provide decent options:
- Google’s Password Manager
- Apple’s iCloud Keychain
- Microsoft’s Authenticator app
These services not only save your passwords, but they provide an autofill function for easy sign-ins to your favorite services. Though the university does not recommend specific commercial products, we suggest finding one you like and stick with it.
- DO NOT use the same password in more than one place: For the same reason as above, you don’t want one retailer’s data theft becoming your problem. Always have a unique password for each site or service. This way if your retailer is compromised, the cybercriminals cannot also use the same password to burrow even deeper into your digital life.
- Monitoring Services: Companies exist to monitor your credit and login credentials for a fee. A free option you can explore is HaveIBeenPwned. The tool checks if your personal data has been compromised in a data breach. If you find your credentials listed, you should change those passwords ASAP.
- Change Passwords Frequently: Cybercriminals make money by stealing and selling passwords. Often you may not know that yours was swept up in a heist, so this step is critical. For your important accounts (think bank, credit cards, personal email, medical portals) it is just as important to change those passwords frequently. Requirements for Ohio State passwords are outlined after you log in to my.osu.edu -- we won't list them here because to avoid publishing information that would help cybercriminals crack your password.
As always, to change your password at Ohio State, visit my.osu.edu.