Staff Security Awareness Tips

Improving Employee Security Awareness

Contact Sales
PhishingBox Security Awareness Training Provider and Phishing Simulation End-PointPhishingBox Security Awareness Training Provider and Phishing Simulation End-Point

Password Management
 

This is the Security Tip: Password Management email that is used within the PhishingBox security awareness training. These security tips can be used to provide ongoing security reminders to employees.

PhishingBox Logo
Banner
What You'll Learn Today: Password Management

In today's environment, there are an increasing number of web-based systems. As such, it is likely that you have multiple usernames and passwords to remember.

The good news is that many organizations are using to single-sign-on systems (SSO) to minimize the number of logins that a user must remember. If your organization uses SSO, but you still access a legacy system via an individual username/password, contact your IT staff to see if the application can be included in the SSO framework.

Password management tips

If possible, use a password management software. Password management software helps to use unique and complex passwords for multiple systems.

Do not reuse the same password on multiple systems. The reason is that if one system is compromised the other systems are likely not at risk.

If you must write down a password, do not write down the whole password. If you withhold two letters from the written password, it is likely the account would be locked before the someone was able to figure out that the complete password was not there. An example is below.

  
Check Icon

If possible, use a password management software. Password management software helps to use unique and complex passwords for multiple systems.

Check Icon

Do not reuse the same password on multiple systems. The reason is that if one system is compromised the other systems are likely not at risk.

Check Icon

If you must write down a password, do not write down the whole password. If you withhold two letters from the written password, it is likely the account would be locked before the someone was able to figure out that the complete password was not there. An example is below.

Actual

56gfX20!six
72gf3TL#e3a

Written

56X20!six
723TL#e3a

NOTE: When using this technique, do not use at the beginning or end of the password.

Extra Credit: The reason for the restricting logins to a set number is to lock an account before someone is able to guess or access a system.

If you believe that one of your passwords have been compromised, notify your IT Staff and change relevant passwords as necessary.

Copyright © 2021 PhishingBox, LLC