Password Tips

Your password is the first line of defense against theft and misuse of information in School Manager. Linewize enforces a strong password policy to protect you and your users' privacy. Strong passwords are long, hard to guess, and difficult to breach.

Here are tips to help you develop a good, strong password!

Use a password manager

Using a password manager allows you to log in to websites without the need to remember your password or even type it. Password managers generate complex passwords and store them securely, so you don’t need to remember or write them down. Password managers can keep a record of all your passwords and input them for you when needed, making it even easier to use complex and unique passwords.

Turn on Multi Factor Authentication

If you use a password manager, you should turn on Multi Factor Authentication (MFA). Also called 2FA for 2 Factor Authentication, MFA verifies that you are who you say you are, usually by texting your phone or asking you to get a code from an authenticator app.

View this explainer for more information about MFA. 

Use a passphrase instead of a password

If you can’t use a password manager, you should use a random phrase instead of a password. Passphrases allow you to remember longer passwords and make your account harder to crack.

Passphrases are created by combining three or more random words to make a phrase memorable for you and very hard to guess.

For example, this is a strong password:

y\9C8Tq&BPF:K`\n  


But this passphrase is also a strong password:

sCruffy boogyMan? CalM vibes!


A story about a scruffy but strangely calming boogeyman is a lot easier to remember than a string of random letters, numbers, and characters. For example:

  • scruffy Boogeyman, calM vibeS
  • Scruffy bo0geymanman? Calm vibes!

How to create a passphrase

These are a few techniques you can use to generate a passphrase:

Using the Person-Object-Action Method

Think of three unrelated things: a famous person, a memorable place and an object, and then link them together, in any order, with an action. For example, Ringo Starr (person), Cable Beach (place), and maple syrup (object) become:

Ringo Starr drinking maple syrup at Cable Beach
 

Don’t use things you post on social media

Hackers can and will look through your social media accounts to get ideas about what your password might be. This means your passphrase shouldn’t include anything that someone could learn from your social media account, such as:

  • the names or birth dates of family, friends and pets;
  • your hobbies and interests;
  • favorite sports teams, films, songs or books; or
  • your profession, work history or employer.

Don’t use a common phrase or quote as a passphrase

Hackers make and share huge dictionaries of common passwords, names and phrases in many different languages. These dictionaries often include the most common ‘misspellings’ of those words and phrases.

This means:

  • Don’t use common sayings like, "absence makes the heart grow fonder" or quotes like, "To be, or not to be" as your passphrase. 
  • Don’t use famous lines from film, television, books, or scripture even if you misspell them or substitute numbers for letters. 
  • Don’t use lines from songs or poetry.

Remember

If you can quickly think of the line, so can somebody else.

Check to see if your logins have been leaked

Hackers don’t just share dictionaries, they share lists of email addresses matched to passwords taken from sites they’ve broken into. Services like have I been pwned (https://haveibeenpwned.com) can be used to check if hackers have taken and shared your email addresses or other personal data.

Just be careful only to use breach notification sites that are reputable and familiar to you. Never put your password into an unfamiliar or suspected phishing site, even to check. You should change your password as soon as possible if it may have been compromised in a data breach.

Don’t use the same password across multiple accounts

When you use the same password in multiple accounts, hackers can easily access all of those accounts if the password gets out. Never use the password to your email account for other sites or services. Always use a different, unique passphrase from your other accounts when creating your email login.

Changing passwords regularly

While many experts recommend changing passwords every few months, others advise against it. Instead of cycling passwords, a better solution is using MFA and long passwords or passphrases.

Password monitoring for Google, Apple and Windows 

Google, Apple and Windows now inform users of potential password leaks and recommend actions for unsafe or weak passwords, or passwords that are reused in multiple accounts.

To enable this feature on iOS: Go to Settings > Passwords > Security Recommendations, and toggle Detect Compromised Passwords.

Visit the following pages for more information about monitoring and changing passwords:

Was this article helpful?
0 out of 0 found this helpful
Share

Comments

0 comments

Please sign in to leave a comment.