
The bad news...
It takes only 2 seconds to crack an eleven-character password that uses only numbers.
Cybercriminals work around the clock to steal our identities and our valuable information. Weak passwords make their job easy. If you use the same weak password on multiple accounts, they can have access to all your online data in a matter of minutes.
The good news...
It is easy to power up your passwords!
By adding upper and lowercase letters and a few special characters, it will take cybercriminals 41 years to crack your password.
A few simple actions can make a big difference in increasing your password security.
Want to know how? Check out our Use Secure Passwords toolkit for ideas. We’ve put together a series of exercises, resources and information to boost your secure password knowledge.
But don’t just keep it to yourself, this toolkit is designed to be shared! We invite you to share what you learn with those in your inner circle – family, friends and colleagues alike.
We can all benefit from more secure passwords.
Power Up Your Passwords!
Use the resources in this toolkit to grow and flex your cybersecurity awareness password muscle.

Shape Up Your Online Shopping Security
We bet you know a thing or two about shopping online but do you keep security best practices in mind? Using secure passwords is key to shopping online safely. Take our quiz and test your knowledge about how to maximize security when shopping online.

Secure Passwords 101
Ready for secure password news you can use? Check out these helpful tips to maximize your online password security.

Bad, better, best, put your passwords to the test!
Are you in the know about password best practices? Be sure to power up your passwords and keep your data safe online with these helpful password hints!

Password Managers
Whenever possible Yale uses Single Sign-On (SSO), aka CAS log-in, which allows you to sign on with your NetID and password. But what about managing all your non-work passwords? Get the scoop!

Multifactor Authentication (MFA) for Personal Use
Do you know that Multifactor Authentication can be used both at work and for your personal use? Learn more about how you can protect more than just your Yale data and systems.

Find out how much you know about online security!
Cybercriminals steal our passwords to steal our identities. This can be to gain access to University systems, or our most valuable personal information.
Do you know the best practices for online shopping and password security? Take our nifty quiz and see how you score.
Password 101: News You Can Use
Ready to build your secure passwords muscle?
Follow these tips to help you power up your password:
- Don’t Reuse passwords – Once you use it, lose it. Always create new and robust passwords when old ones expire.
- Don’t share passwords – Your password is your business. Don’t share your passwords with anyone including colleagues, friends, and family members.
- Don’t use the same passwords on different sites – It’s tempting to use the same password on different sites but don’t do it. When cyberthieves find a password that gains them access on a website, they will often try it on others. Different sites need different passwords.
Do you know the passwords that are most commonly used are easy to hack?
Check out this list and be sure you’re not using these easy-to-crack passwords on any of your Yale or personal accounts.
Bad, better, best, do your passwords pass the test?
Don't do this!
Bad passwords
- Use common words: baseball or doorbell
- Don't contain special characters or numbers: handsomedan
- Easy to guess: yale1234
Your password is your business. Yale ITS will never ask for your password by phone or email.
This is a better way...
Better passwords
- Use less common words or phrases
- Use upper and lower case letters and/or special characters (@, !,*)
- Are harder to guess: BigBlue17dog%
How many of your passwords fall in this category?
These passwords are best!
Best passwords
- Use diverse compositions including alpha, numeric and special characters
- Are between 8-127 characters
- Use a passphrase: ImgoingtoDisneyWorld1022!YesIam!*!
What changes are you making to power up your passwords?
What is a Password Manager?
A password manager is exactly as it sounds - an application to store and manage your passwords. This can simplify remembering your many different passwords for different accounts. But how do you know those passwords are secure?
Secure password managers use encryption for secure storage. Encryption "locks" the data by converting the stored passwords into unreadable code. The passwords you store can only be unlocked using one master password.
Do I need a password manager for Yale applications that I use?
Most Yale applications should be using CAS. If you find that you are managing many usernames and passwords to access Yale systems, please let us know. Email us at information.security@yale.edu
Can you recommend a password manager?
While Yale doesn’t endorse any one particular password manager for personal use, we encourage you to review recent recommendations by PC Magazine for their favorites.
This helpful article recommends password managers for different uses and includes features and prices.
Read password manager recommendations

MFA - Here, There & Everywhere!
Did you know you can use MFA for your personal accounts?
In 2020 we worked together to launch DUO Everywhere for Yale. This initiative has resulted in a dramatic positive outcome for Yale NetID security.
So why not add this same level of security to your personal accounts?
If your username and password get into the hands of a bad actor, they can be used to steal your personal information. MFA provides an extra layer of protection to prevent this from happening. We encourage you to put MFA on your accounts that hold your sensitive, personal information.
Examples include:
- Places you shop with a credit card
- Bank information
- Retirement accounts
- Email accounts

Here are some resources to integrate Multifactor Authentication (MFA) into your personal life:
Multifactor Authentication for Gmail
Multifactor Authentication for Amazon
Ways to Spread the Word!
Ready to power up your passwords and help others do the same? We have lots of ways to join in cybersecurity awareness fun and learning:

Avoid the Holiday Hoax
Don't let cybercriminals steal your holiday joy. Learn tips for staying safe online this holiday season and ensure your special items end up the hands of your loved ones.

Download Use Secure Password Resources
We've got simple tools to boost your awareness and help you create robust passwords.

Avoid the Holiday Hoax: Tips for Online Safety During the Holidays
Hackers never go on vacation. In fact, they work double-time during the holidays to steal your information. Now more than ever, protecting your online identity is essential.
But it’s not just about you. You may have good online shopping habits but do your kids? What about your parents or grandparents?
Here are a few resources to help you and your family stay safe online during the holidays:
Be Your Home’s Secure Online Shopping Expert
Let’s expand safe online shopping practices with those we love. Check out this worksheet to identify those in your family who should be in the know.
But that’s not all, choose up to 5 online safety tips to share with them and keep them safe too.
Boost Your Online Security: Frequently Used Websites Checklist
Identify the top 10 websites you frequently use. Use this handy checklist to review whether you’ve changed your password recently and to confirm that you use Multifactor Authentication (MFA) as a second layer of online security.
Download Use Secure Password Resources
Boost your awareness with our handy resources!
Our virtual background is a simple way to remind yourself and colleagues about using secure passwords. (plus we bet you’ll look great with the eye-catching green color behind you)

Want password tips at your fingertips?
Our Use Secure Passwords poster does the trick! Post it in your workspace, either at home or on campus, to remind yourself about creating robust passwords to protect your personal information,

5 Simple ways to spread the word!
We'd love your help to let more people know about our Use Secure Passwords toolkit and resources. Here are some ways you can help:
- Email your colleagues with a link to the Use Secure Passwords toolkit.
- Encourage your colleagues to visit the Awareness Program events page and sign up for an upcoming event.
- Share the Use Secure Passwords toolkit at a staff meeting.
- Download the Use Secure Passwords poster and display it in a common area in your workspace (near printers or in kitchens are two ideas)
- Lead the charge in getting your whole team to download and use the Use Secure Passwords virtual background