We need to talk about your password
Use your university password for only your university accounts
It is annoying to have to remember multiple passwords for all of the different sites and services we use — our bank, email, social media sites etc. — which is why it is so tempting to use the same password in multiple locations.
But if you used that password for multiple services and it was somehow compromised by a fraudulent email message for example, a cyber criminal would have access to all of your accounts. That is a big risk to take.
On the other hand, using a unique password for each account means that even in the event of a data breach in one of the services you use, your other accounts would be safe.
Security breaches happen
Security breaches have become a major issue and they are happening more often. Just last year Facebook, Cambridge Analytica, Google+, Marriott Hotels and My Fitness Pal all experienced data breaches affecting the personal information of millions of users.
What happens when a hacker gets access to your password from a service like Facebook? They go hunting. They try the information they received from Facebook to access your accounts at other services, like Google, Amazon, Dropbox, Twitter, TD Bank (and all other banks) and more. Now imagine that your password was the same for all these services. Yikes!
This is why IST Information Security and Compliance recommends you use your university password for only your university accounts.
Password protection tips
Keep these tips in mind to ensure the security of your personal data every day:
- Never share your password
- Be cautious about email requesting personal information
- Use your university password for only your university accounts
For more information about safe password use, see Using Passwords from the Government of Canada’s Get Cyber Safe initiative.