Think of passwords as keys to rooms in your house. If you give your keys to a thief, they can easily gain access to your house.
This content can be viewed in video format.
Most Ontario school boards use a password system called ‘single sign on’, this means you can use the same username and password for many systems. It also means that it’s like a master key, one password can give a thief access to everything. Obviously, this key needs to be very well protected. At home, you might use the same username and password for many different accounts. Thieves can potentially have full access to your accounts and steal your identity.
Tips and Tools to Help you Protect Your Passwords
- Never share your passwords. Not with anyone, at any time, including your supervisor. Your supervisor should never ask for your password.
- Use different passwords for your professional and personal accounts. The more you use the same password the more damage can be caused if a hacker gets access to it.
- Make your passwords strong. The longer the better. Consider a phrase or a quote. Consider substituting numbers and symbols instead of letters. For example a 5 instead of an s, or an @ symbol instead of the letter “A”.
- Avoid choosing passwords that can be easily guessed by those that know you or can find out information about you online (for example your social media posts).
- If you need to write down your password do not keep it at the same place that the account can be accessed (for example under your keyboard or in your work desk). Lock it away somewhere securely in a different location.
- Consider using a trusted password manager. Password managers store all your passwords in one piece of software. However, make sure you secure access to that manager extremely well.
- Consider using multiple factor identification (authentication) where supported. This sounds a bit technical, but it isn’t really. Simply assign a cell phone number in your security settings, and when you login, the company sends you a text with an access code. This is useful because if someone does get your password, they need to be able to get that code to be able to access your account. This adds an additional, and very hard to break, layer of security.
- Check with your board IT department to see if it has self service password capabilities. This would allow you to reset and change your password from any browser, from anywhere.
- If you think your password may have been compromised contact your IT Helpdesk.
Put a passcode on your cell phone. Once again, make sure it isn’t easy to guess.
Look after your passwords as if they were your house or car keys. Your IT Services should never request your password.