Why is it important to use a strong unique passphrase for each of your social networking accounts?

Proper management of your account passwords/passphrases is key to the security of your information and your online security. As such, it is important to learn how to keep your information secure with a strong passphrase.

Why "passphrase" instead of password?

A passphrase is more secure than a password because it contains more than a single dictionary word. 

How do I choose a strong password?

For starters, create a passphrase instead of a password by picking an easy-to-remember sentence. For example, Where Is My C0ffee?. This contains uppercase letters, lowercase letters, a number, a substitution, spaces and unique characters!

To make your passphrase even stronger, try using the starting letters of each word in the phrase, and alternate between uppercase and lowercase. Or try using words from multiple languages. Get creative with it!

What is the reason for having multiple unique passphrasses?

If your passphrase is the same for two separate accounts, a hacker only needs to compromise one in order to gain access to both. Since you will often use the same email address to log into multiple services, hackers will try your email and password combination on all of the most commonly used services (i.e. Facebook, Twitter, Amazon).

Accounts such as your UVic or bank accounts, contains sensitive information (grades, financial information, SIN, tax information, etc.). As such, it is that much more important that the passphrases for these accounts be unique from others, such as your social media accounts.

Why does passphrase length matter?

The longer the passphrase, the harder it is to crack!

• Related support
• Related services

secondary navigation

skip to main content

• Information Security Policy
• 10 Steps to Cyber Success
• Training & Policies
• Reporting an Incident
• Protect Yourself from COVID 19 Scams
• Phishing
• Social Engineering
• Strong Passwords
• Ransomware
• Social Networking
• CyberSafe Zooming
• Updates and Anti-virus
• Mobile Devices
• Protect Your Data
• Storing Data Securely
• Public Wi-Fi Hotspots
• Physical Security
• Cyber Security Programme
• Cyber Escape Rooms
• Password Managers
• Cyber Security Inductions
• Gender-Based Violence IT Help

Life is full of passwords. We use them every day to shop online and to access email, social media and University systems. Passwords prove who you are and help stop identity theft, fraud and confidential information falling into the wrong hands.

Using strong passwords, or passphrases, is an essential part of protecting your online accounts. A strong password is one that is unique, long and hard to guess.

Remembering different strong passwords for each online services can be difficult. That's why we recommend using a password manager to create and manage your passwords. All you have to do is remember the password to your password vault. Choose a password manager that supports 2-factor authentication for added security.

Hunt the Password from Get Safe Online on Vimeo.

Top Tips for Strong Passwords

Do:

• Use a unique, strong password for each of your online accounts. 
• Use 3 random words to create a strong password
• Use 2-factor authentication where it’s available, especially on your most important accounts, like email and online banking.
• Use a a password manager to help manage your passwords

 Don't:

• Use your University password on any other website
• Use your email password on any other website
• Share your password with anyone
• Use variants of password, e.g. password1, p@ssw0rd, etc.
• Use personal details such as the names of family members, pets or your favourite sports teams
• Use single words from the dictionary, as these can be easily cracked

Use 3 Random Words to Create Strong Passwords

A simple way to create a strong password is to use 3 random dictionary words.

• Avoid family members’ names, sports teams, or other words that could be guessed from your social media profiles
• Use long passwords for strong passwords
• Go to How Secure is My Password to see how longer passwords are more secure (although don't actually enter a password you intend to use - never share your passowrds with anyone!)
• You can add capitalisation, symbols or numbers for added complexity

Use a Strong, Unique Password for your Email Account

Never use the same combination of email address and password for your email account as you do for other services. Other websites may be compromised by a data breach, making it fast and easy for your email to be hacked too. 

Go to Have I Been Pwned? to find out if an online account has been compromised in a data breach. If it has, any other accounts that use the same password could be be at risk.

Your email is particularly important because if it's hacked:

• Cyber criminals can impersonate you to commit identity theft and fraud
• Password reset requests are sent to your email account, leaving your most important accounts at risk
• Any sensitive data you send or receive could be intercepted
• Your email account is a treasure trove of information that could be exploited by hackers

Password Managers

We all have dozens, if not hundreds, of online accounts. With even the largest websites falling victim to data breaches, it is essential to have a unique, strong password for every website. Using a password manager is the only realistic way of doing this.

The more popular password managers:

• Work across multiple devices
• Store all your passwords in a single location
• Create incredibly complex passwords that are practically uncrackable
• Automatically log you into your favorite websites 

By using a password manager you only ever need to remember a single master password. With all your passwords stored in the same location, you should add 2-factor authentication for an added layer of security.

There are lots of password managers available, including many that are free or have free versions, such as LastPass.

Find out more about password managers

Two-Factor Authentication

Use two-factor authentication (2FA) on your most important online accounts, like email and banking. 2FA adds an extra layer of security by adding a second way to confirm your identity. This could be in the form of a code sent via a text message to a nominated phone or a code generated by a smartphone app.

What is Two-Factor Authentication? from Martin Thoburn on Vimeo.

Find Out More

You can change your password in Pegasus.

Go to the DS Password help page for more information.

To reset your password you'll need to have the following infromation to hand:

• DS username
• Date of birth
• Personal email address

Go to the DS Password help page for more information.

If you think your DS password may be known by a 3rd party you should:

• Disconnect your device from the University network (both wired and wireless)
• Change your password via a device you don’t regularly use (e.g. colleagues PC)
• Report it to the Helpdesk

Many of the biggest online services will allow you to set-up 2FA. Click on the links below for more information:

• Amazon
• Apple
• Facebook
• Google
• Instagram
• LinkedIn
• PayPal
• Twitter

secondary navigation

skip to main content

• Student Experience & Enhancement Services
• Print Services
• Estates Services
• Finance Directorate
• Human Resources Directorate
• Procurement

• Information Security Policy
• 10 Steps to Cyber Success
• Training & Policies
• Reporting an Incident
• Protect Yourself from COVID 19 Scams
• Phishing
• Social Engineering
• Strong Passwords
• Ransomware
• Social Networking
• CyberSafe Zooming
• Updates and Anti-virus
• Mobile Devices
• Protect Your Data
• Storing Data Securely
• Public Wi-Fi Hotspots
• Physical Security
• Cyber Security Programme
• Cyber Escape Rooms
• Password Managers
• Cyber Security Inductions
• Gender-Based Violence IT Help

Why is it important to use a strong unique passphrase for each of your social networking accounts quizlet?

Why it is important to have a strong password?

Why is it important to use different passwords for different online sites?

What is a passphrase in cyber security?