Passwords are an essential part of any cybersecurity strategy and are the first defence against unauthorised access to an school’s computer systems and sensitive data. By implementing strong and unique passwords, staff can help to prevent unauthorised access to their systems and protect against a range of cyber threats, including malware, ransomware, and business email compromise (BEC) attacks.
What is a strong password? Well, they follow these best practices:
Good Password Strength – passwords should be 8-12 Characters, a mixture of upper case, lower case, numbers and symbols. Passwords should only be changed where there is a suspicion that it has become compromised.
Create a strong password for work accounts – Weak passwords can be hacked in seconds. The longer it is, the stronger it becomes and the harder to hack. Starting with your work accounts, replace your old passwords with strong passwords.
Use separate passwords for your work and personal accounts – If one of your accounts gets compromised, you don’t want the attacker to have your work password.
Change your password – Staff who suspect their password has been compromised should change it immediately. Staff should ensure all default passwords supplied by a vendor for new ICT devices and information management systems are changed when receiving access.
Store passwords securely – Never write down passwords on post-its and stick these on your monitor etc.
Another important aspect of password security is staff training. Staff play a critical role in protecting against cyber attacks by using strong and unique passwords and following safe computing practices, such as avoiding suspicious emails and websites. By providing regular cybersecurity training, school can help their staff to understand the importance of password security and to take the necessary steps to protect against cyber threats.
Overall, passwords are a key component of any cybersecurity strategy. By implementing strong and unique passwords and providing regular employee training, school can protect against unauthorised access to their systems and reduce the risk of cyber attacks.