Picture of a person holding a mobile phone that displays a lock on teh screen

Use Secure Passwords Toolkit

Stumps the chumps. Create strong passwords and use Multifactor Authentication.

logo password

The bad news...

It takes only 2 seconds to crack an eleven-character password that uses only numbers.

Cybercriminals work around the clock to steal our identities and our valuable information. Weak passwords make their job easy. If you use the same weak password on multiple accounts, they can have access to all your online data in a matter of minutes.

The good news...

It is easy to power up your passwords!

By adding upper and lowercase letters and a few special characters, it will take cybercriminals 41 years to crack your password.

A few simple actions can make a big difference in increasing your password security.

Want to know how? Check out our Use Secure Passwords toolkit for ideas. We’ve put together a series of exercises, resources and information to boost your secure password knowledge.

But don’t just keep it to yourself, this toolkit is designed to be shared! We invite you to share what you learn with those in your inner circle – family, friends and colleagues alike.

We can all benefit from more secure passwords.

 

Power Up Your Passwords!

Use the resources in this toolkit to grow and flex your cybersecurity awareness password muscle.

Picture of a tablet sitting on a table with two credit cards displayed on the table

Shape Up Your Online Shopping Security

We bet you know a thing or two about shopping online but do you keep security best practices in mind? Using secure passwords is key to shopping online safely. Take our quiz and test your knowledge about how to maximize security when shopping online.

 

Take the quiz and find out
Picture of the number 101 at the entrance to an office

Secure Passwords 101

Ready for secure password news you can use? Check out these helpful tips to maximize your online password security.

Password 101: Online Password Basics
Picture of a person holding up their fingerprint against glass. The wording says Security

Bad, better, best, put your passwords to the test!

Are you in the know about password best practices? Be sure to power up your passwords and keep your data safe online with these helpful password hints!

Power up your passwords
Picture of lock with key

Password Managers

Whenever possible Yale uses Single Sign-On (SSO), aka CAS log-in,  which allows you to sign on with your NetID and password. But what about managing all your non-work passwords? Get the scoop!

Learn about password managers
Person sitting at a laptop typing with right hand and holding mobile phone in left hand

Multifactor Authentication (MFA) for Personal Use

Do you know that Multifactor Authentication can be used both at work and for your personal use? Learn more about how you can protect more than just your Yale data and systems.

Protect your personal accounts
Man talking into a can attached to a cord

Ways to spread the word!

We love sharing our passion for cybersecurity with the Yale community! Check out the details to learn how you can get in on the action!

You could be a winner
Picture of a tablet sitting on a table with two credit cards displayed on the table

Find out how much you know about online security!

Cybercriminals steal our passwords to steal our identities. This can be to gain access to University systems, or our most valuable personal information.

Do you know the best practices for online shopping and password security? Take our nifty quiz and see how you score.

Take the Quiz



 

Use Secure Passwords both at work and at home.

Password 101: News You Can Use

Ready to build your secure passwords muscle?

Follow these tips to help you power up your password:

  • Don’t Reuse passwords – Once you use it, lose it. Always create new and robust passwords when old ones expire.
  • Don’t share passwords – Your password is your business. Don’t share your passwords with anyone including colleagues, friends, and family members.
  • Don’t use the same passwords on different sites – It’s tempting to use the same password on different sites but don’t do it. When cyberthieves find a password that gains them access on a website, they will often try it on others. Different sites need different passwords.

Do you know the passwords that are most commonly used are easy to hack? 

Check out this list and be sure you’re not using these easy-to-crack passwords on any of your Yale or personal accounts.

Top 200 most common passwords

 

Bad, better, best, do your passwords pass the test?

Did you know that the standards for creating passwords have evolved over time? Today you can protect yourself and your data by upping your password game.

 

 

Don't do this!

Bad passwords

  • Use common words: baseball or doorbell
  • Don't contain special characters or numbers: handsomedan
  • Easy to guess: yale1234

Your password is your business. Yale ITS will never ask for your password by phone or email.

 

    This is a better way...

    Better passwords

    • Use less common words or phrases
    • Use upper and lower case letters and/or special characters (@, !,*)
    • Are harder to guess: BigBlue17dog%

    How many of your passwords fall in this category?

    These passwords are best!

    Best passwords

    • Use diverse compositions including alpha, numeric and special characters
    • Are between 8-127 characters
    • Use a passphrase: ImgoingtoDisneyWorld1022!YesIam!*! 

    What changes are you making to power up your passwords?

     

    A password manager can keep track of the many passwords in your personal life.

    What is a Password Manager?

    A password manager is exactly as it sounds - an application to store and manage your passwords. This can simplify remembering your many different passwords for different accounts. But how do you know those passwords are secure?

    Secure password managers use encryption for secure storage. Encryption "locks" the data by converting the stored passwords into unreadable code. The passwords you store can only be unlocked using one master password. 

    Do I need a password manager for Yale applications that I use?

    Most Yale applications should be using CAS. If you find that you are managing many usernames and passwords to access Yale systems, please let us know. Email us at information.security@yale.edu

     

    Picture of the Central Authentication Login page

    Can you recommend a password manager?

    While Yale doesn’t endorse any one particular password manager for personal use, we encourage you to review recent recommendations by PC Magazine for their favorites.

    This helpful article recommends password managers for different uses and includes features and prices.

    Read password manager recommendations

     

    Pick of a padlock with a key inserted
    Tip: Make a list of all your accounts that contain personal information. It may be more than you think.

    MFA - Here, There & Everywhere!

    Did you know you can use MFA for your personal accounts?

    In 2020 we worked together to launch DUO Everywhere for Yale. This initiative has resulted in a dramatic positive outcome for Yale NetID security.

    So why not add this same level of security to your personal accounts?

    If your username and password get into the hands of a bad actor, they can be used to steal your personal information. MFA provides an extra layer of protection to prevent this from happening. We encourage you to put MFA on your accounts that hold your sensitive, personal information.

    Examples include:

    • Places you shop with a credit card
    • Bank information
    • Retirement accounts
    • Email accounts

    Woman working on a laptop and using her mobile phone to confirm her identity

    Here are some resources to integrate Multifactor Authentication (MFA) into your personal life:

    Multifactor Authentication for Gmail 

    Add MFA to my Gmail account

    Multifactor Authentication for Amazon

    Add MFA to my Amazon account

    Ways to Spread the Word!

    Ready to power up your passwords and help others do the same? We have lots of ways to join in cybersecurity awareness fun and learning: 


     

    Picture of present wrapped in pink paper with ribbon

    Avoid the Holiday Hoax

    Don't let cybercriminals steal your holiday joy.  Learn tips for staying safe online this holiday season and ensure your special items end up the hands of your loved ones.

    Follow these tips
    Picture of Use Secure Passwords virtual background

    Download Use Secure Password Resources

    We've got simple tools to boost your awareness and help you create robust passwords. 

    Download resources
    Two women chatting in front of a computer

    Spread the Word!

    Ready to help your colleagues build their Use Secure Passwords muscle? Here's how you can help!

    We appreciate your support
    Person holding a credit card as they sit as a laptop

    Avoid the Holiday Hoax: Tips for Online Safety During the Holidays 

    Hackers never go on vacation. In fact, they work double-time during the holidays to steal your information. Now more than ever, protecting your online identity is essential.

    But it’s not just about you. You may have good online shopping habits but do your kids? What about your parents or grandparents?

    Here are a few resources to help you and your family stay safe online during the holidays:

    Be Your Home’s Secure Online Shopping Expert 

    Let’s expand safe online shopping practices with those we love. Check out this worksheet to identify those in your family who should be in the know. 

    But that’s not all, choose up to 5 online safety tips to share with them and keep them safe too.

    Boost Your Online Security: Frequently Used Websites Checklist 

    Identify the top 10 websites you frequently use. Use this handy checklist to review whether you’ve changed your password recently and to confirm that you use Multifactor Authentication (MFA) as a second layer of online security.

    Awareness tools are at your fingertips!

    Download Use Secure Password Resources 

    Boost your awareness with our handy resources!

    Our virtual background is a simple way to remind yourself and colleagues about using secure passwords. (plus we bet you’ll look great with the eye-catching green color behind you)

    Download Virtual Background

    Picture of Use Secure Passwords virtual background

     

    Want password tips at your fingertips?

    Our Use Secure Passwords poster does the trick! Post it in your workspace, either at home or on campus, to remind yourself about creating robust passwords to protect your personal information,

     Download poster

    Picture of Use Secure Passwords Poster

    Two women chatting in front of a computer

    5 Simple ways to spread the word!

    We'd love your help to let more people know about our Use Secure Passwords toolkit and resources. Here are some ways you can help:

    1. Email your colleagues with a link to the Use Secure Passwords toolkit.
    2. Encourage your colleagues to visit the Awareness Program events page and sign up for an upcoming event.
    3. Share the Use Secure Passwords toolkit at a staff meeting.
    4. Download the Use Secure Passwords poster and display it in a common area in your workspace (near printers or in kitchens are two ideas)
    5. Lead the charge in getting your whole team to download and use the Use Secure Passwords virtual background