Password tips

A strong password is one that’s difficult for others to guess or crack. They typically comprise of a mix of uppercase and lowercase letters, numbers and special characters, such as !@#$%. They are also often at least 12 characters long. A strong password will avoid using easily guessable things such as names, dates, birthdays or common words. Think of a strong password as a key for the tractor that only you have. Increase password difficulty by using special characters not found on a keyboard, such as ALT code symbols. Alt Codes List of Alt Key Codes Symbols (alt-codes.net). Not all websites will allow the use of these symbols, but those that do will be extra secure.

Practical tips

In summary a strong password will contain the following:

• A mix of uppercase and lowercase letters
• Contain numbers
• Contain special characters such as @#$!^&*()
• At least 12 characters long, but desirably 16 characters or longer
• Will not include names, including first, last, nicknames, usernames and place names
• Will not include dates
• Will not include common words

Many password managers will autogenerate strong passwords for you, but you may also use online password generators to create complex and unique passwords.

Passphrase

An alternative approach when setting a strong password is to use a passphrase. A passphrase is like a sentence or sequence of words that is longer than a typical password. The benefit of a passphrase is they are easier to remember, and still difficult to guess. For example, “OldDogSleepsAllDay” is easy for you to remember. Replace a few letters with similar special characters or change their case and the passphrase becomes more secure. Eg”0lDd0g5l3Ep5@lLD@Y”

Update your passwords on a regular basis and be cautious and aware of phishing attempts. If you receive a suspicious email, do not click on any links and verify the sender’s identity. Think of it as being wary of strangers posing as a trusted merchant trying to get information about your farm.

Interactive activity

Go to Have I Been Pwned: Pwned Passwords

1. Enter a password that consists of a combination of upper and lowercase letters, includes at least one number and one special character. Make sure it is at least 12 characters long. How many times has it been found in data breaches?
2. Do the same with a passphrase.

How much more secure do you think the passwords and passphrases you entered are compared to your existing password? Do you think it will be a good idea to update your passwords to something more secure?

What did you find?

If you have found that your passwords are not as secure as you thought they were, it is time to update them. Begin with the most importance passwords first, such as banking, government and email accounts. Take your and ensure that you follow the procedures we have covered in this topic. Use unique and strong passwords and use a password manager. If the option is available, enable 2FA or MFA for added security. Think about how these more complex passwords, a strong unique password and a passphrase compared to the results of your own password from earlier in this topic. Was your password found in a data breach and were the unique passwords found? What do you think is the most secure?

You can use Free Password Generator | Create Strong Passwords and Passphrases | Bitwarden to generate a strong and unique password or pass phrase on the fly.

Many websites may give you suggestions on strong passwords by displaying a password strength meter. However, many websites do not include a strength meter, and the way that they evaluate password strength varies from one website to another. If a password strength meter is present, why not utilise it to make sure your password is secure?

Password Managers

However, the key for your tractor shouldn’t start your Ute or unlock your shed. Passwords are no different. Each account that requires a password should be unique. That way, if one password is lost no other accounts are compromised. Imagine losing the key to your Ute and then your Ute, tractor and contents of your shed are stolen. But remembering all these passwords is impossible, so consider using a password manager. It can generate strong passwords for you, store them securely and then recall them when needed. Password managers, however, often require a master password. The benefit of this approach is you only need to remember one master password instead of dozens of others. There are free password managers such as Google or Bitwarden to save you cash.

2Factor and Multi-Factor Authentication

A strong password does not guarantee protection. You can enhance it further by employing 2 factor (2FA) or multi factor authentication (MFA) where possible. What is authentication and what’s the difference between 2FA and MFA?

Authentication

What is authentication and what’s the difference between 2FA and MFA?

• Authentication verifies your identity. This can be done with the following categories:
  1. Something you know, such as a password, PIN or security question.
  2. Something you have, such as a token or one time password.
  3. Something you are, such as a fingerprint or face ID.
  4. Somewhere you are, such as a specific location.
• Typical login allows you to login with something you know, such as username, password, PIN or security question. It often only requires 2, such as a username and password.
• 2 factor authentication requires you to have a secondary means to authenticate, or prove you are who you say/claim you are when signing into an account. The secondary means can be from a different or the same category. Instead of entering only a username and password, you may need to answer a security question or enter a pin.
• Multi factor authentication requires at least 2 different types of authentication from the list above. For example, you may need a one-time password or fingerprint to gain access.