Your password is the first line of defense against theft and misuse of information in School Manager. Linewize enforces a strong password policy to protect you and your users' privacy. Strong passwords are long, hard to guess, and difficult to breach.
Here are tips to help you develop a good, strong password!
Use a password manager
Using a password manager allows you to log in to websites without the need to remember your password or even type it. Password managers generate complex passwords and store them securely, so you don’t need to remember or write them down. Password managers can keep a record of all your passwords and input them for you when needed, making it even easier to use complex and unique passwords.
Turn on Multi Factor Authentication
If you use a password manager, you should turn on Multi Factor Authentication (MFA). Also called 2FA for 2 Factor Authentication, MFA verifies that you are who you say you are, usually by texting your phone or asking you to get a code from an authenticator app.
View this explainer for more information about MFA.
Use a passphrase instead of a password
If you can’t use a password manager, you should use a random phrase instead of a password. Passphrases allow you to remember longer passwords and make your account harder to crack.
Passphrases are created by combining three or more random words to make a phrase memorable for you and very hard to guess.
For example, this is a strong password:
But this passphrase is also a strong password:
sCruffy boogyMan? CalM vibes!
A story about a scruffy but strangely calming boogeyman is a lot easier to remember than a string of random letters, numbers, and characters. For example:
- scruffy Boogeyman, calM vibeS
- Scruffy bo0geymanman? Calm vibes!
How to create a passphrase
These are a few techniques you can use to generate a passphrase:
- Use your password manager
- Use a dice list like https://www.eff.org/dice
- Use the Person-Object-Action method
Using the Person-Object-Action Method
Think of three unrelated things: a famous person, a memorable place and an object, and then link them together, in any order, with an action. For example, Ringo Starr (person), Cable Beach (place), and maple syrup (object) become:
Don’t use things you post on social media
Hackers can and will look through your social media accounts to get ideas about what your password might be. This means your passphrase shouldn’t include anything that someone could learn from your social media account, such as:
- the names or birth dates of family, friends and pets;
- your hobbies and interests;
- favorite sports teams, films, songs or books; or
- your profession, work history or employer.
Don’t use a common phrase or quote as a passphrase
Hackers make and share huge dictionaries of common passwords, names and phrases in many different languages. These dictionaries often include the most common ‘misspellings’ of those words and phrases.
- Don’t use common sayings like, "absence makes the heart grow fonder" or quotes like, "To be, or not to be" as your passphrase.
- Don’t use famous lines from film, television, books, or scripture even if you misspell them or substitute numbers for letters.
- Don’t use lines from songs or poetry.
If you can quickly think of the line, so can somebody else.
Check to see if your logins have been leaked
Hackers don’t just share dictionaries, they share lists of email addresses matched to passwords taken from sites they’ve broken into. Services like have I been pwned (https://haveibeenpwned.com) can be used to check if hackers have taken and shared your email addresses or other personal data.
Just be careful only to use breach notification sites that are reputable and familiar to you. Never put your password into an unfamiliar or suspected phishing site, even to check. You should change your password as soon as possible if it may have been compromised in a data breach.
Don’t use the same password across multiple accounts
When you use the same password in multiple accounts, hackers can easily access all of those accounts if the password gets out. Never use the password to your email account for other sites or services. Always use a different, unique passphrase from your other accounts when creating your email login.
Changing passwords regularly
While many experts recommend changing passwords every few months, others advise against it. Instead of cycling passwords, a better solution is using MFA and long passwords or passphrases.
Password monitoring for Google, Apple and Windows
Google, Apple and Windows now inform users of potential password leaks and recommend actions for unsafe or weak passwords, or passwords that are reused in multiple accounts.
To enable this feature on iOS: Go to Settings > Passwords > Security Recommendations, and toggle Detect Compromised Passwords.
Visit the following pages for more information about monitoring and changing passwords: