Securing your passwords

Having different passwords for different accounts increases security. If hackers steal an account’s password, they crack it off line, then check if people have re-used that password at other sites. If you are using different passwords at different sites, even if one of your passwords is compromised, your other passwords and accounts are still secure.

Two important things to remember:

• Never use the same password for confidential and public accounts. For example, your financial passwords should be different from your social media passwords.
• Never use your UDelNet password for other accounts; that password should be unique to your UDelNet account.

Last month, UDelNet account holders were instructed to change their passwords to help prevent potential intrusions as a result of the Heartbleed bug. Here’s why.

When data has been compromised, it’s not always clear that a hacker has damaged or taken information until it is too late to prevent the damage. When hackers capture data – including passwords – they have to spend time breaking it down. If you change your password regularly, you decrease the chance that a password file cracked off line contains your current password.

For this reason, you should change your passwords at least annually.

Passwords are only secure if you don’t share them. Password sharing compromises security, regardless of how minor the risk may seem at the time. If you are the only one who knows your password, then you can directly control all access to your account.

Notify the IT Support Center immediately by calling (302) 831-6000, submitting a Help Request Form, or emailing consult@udel.edu. IT staff will conduct an investigation and, if necessary, guide you through the process of getting a new password.

It can be hard to remember many passwords and other login credentials. Some people opt to use password managers like LastPass to record and store the bulk of their passwords. While password managers certainly take much of the effort out of remembering login information, they do have a downside. A single password – the one required to access the password manager – now protects access to all of your accounts. If that password is compromised, the rest of your accounts are compromised as well.

Do not store your UDelNet password in a password manager or other file. Doing so exposes your UDelNet password to additional risk.

Ultimately, it’s up to you whether you want the convenience of a password manager. But be aware of the risks.