Warmer weather and the coming of spring are not the only things celebrated in April! A noteworthy national celebration that takes place on Tuesday, April 11 is National Identity Management Day.
Why is this important? Identity security is everyone’s responsibility. Compromised login credentials continue to be the most common cause of account takeovers for individuals and data breaches for organizations.
- 22% of U.S. households have been victimized by compromised accounts with an average financial loss of over $10,000*
- 84% of organizations suffered an identity-related breach—many of which experienced a negative direct business impact*
By establishing more secure ways to protect digital identities, it is possible to reduce the chance of compromised accounts.
Most compromised login credentials are preventable. It is easy to do by following these best practices to help strengthen your account security.
Use Strong Passwords
Whether it’s your bank account, Notre Dame email account or favorite shopping website, passwords are necessary for creating and accessing online accounts. While cyber criminals have sophisticated tools to crack passwords, creating strong passwords that are long and complex adds a layer of protection to your accounts.
Develop the habit of creating a different password for each account you own. In doing so, if one of your accounts is compromised, the cyber criminal will not be able to use the same password to get into your other accounts. The password standard at Notre Dame is a minimum of 16 characters.
Use a Password Manager
The average person has between 70-100 passwords to remember. And Making up long and unique passwords for each account can be a challenge, but using a password manager tool can simplify the entire process. Password managers can generate unique and complex passwords for all your accounts, and manage them all in one convenient place. Plus, you only have one password to remember!
Password manager tools offer other valuable benefits including:
- 24/7 account monitoring
- Ability to keep personal and work accounts separate
- Access to family membership
More information about password manager tools is available in this National Cybersecurity Alliance web page.
Watch for more information about 1Password: a new password manager service available at Notre Dame for no cost for faculty, staff and students. Details available soon!
Use Multi-Factor Authentication
Sometimes having strong passwords isn't enough. Multi-factor authentication is another security control available to protect your accounts such as:
- Social media
- Online shopping outlets
Requiring a second factor to confirm your identity before the login process is completed helps minimize unauthorized access.
Notre Dame uses Okta two step login to provide access to its many online services available to faculty, staff and students. A similar multi-factor authentication option can be enabled on many other online accounts and applications.
If you have enabled this option, be sure to only accept a notification for account access if you are trying to login to a particular account. If not, a cyber criminal may have your password and is trying to gain access to one of your accounts. Do not accept the notification and change your password on that account immediately. More information is available on this National Cybersecurity Alliance web page.
Beware of Phishing Scams
Phishing scams continue to increase University-wide. Faculty, staff, students and alumni have all received various types of phishing scams via emails, texts and phone calls.
Be vigilant when it comes to phishing emails—especially those containing unfamiliar links or attachments. In an effort to get your attention, these malicious emails may include:
- Job offers
- Shipment confirmations
- Request for personal information in a Google Form
Cyber criminals attempt to impersonate a person or company representative in order to trick the recipient into a response to gain access to personal information or someone’s computer via a malicious link or attachment.
How can you avoid becoming a victim of a phishing or job scam? The best way is to not respond and delete the email or text. More information about phishing scams is available in this knowledge article.
Identity Management Day is a great reminder for those using online resources to evaluate their role in protecting their personal identity. However, to reduce the percentage of annual account breaches, these tips need to become everyday habits. More information is available in this National Cybersecurity Alliance web page.
*Source: Identity Defined Security Alliance (idsalliance.org)