Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
🎓 Purpose
Unique user names and secure passwords are used by systems to distinguish between authorized users and unauthorized individuals. Weak passwords can be cracked by a threat actor within a matter of seconds or minutes, merely delaying their access to your systems and data, rather than preventing it.
👥 Audience
Status | ||
---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
🔖 Contents
Table of Contents | ||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Initial considerations
Warning |
---|
Do NOT share your password with anyone, regardless of their stated intent. Your supervisor, manager, colleague, nor IT staff should ask you to provide it. |
\uD83D\uDCD8 What can I do?
*️⃣ Consider the following principles when choosing a password.
Unique
For every account you have, you should use a unique password to help limit the exposure caused by a breach or theft to just one account.
Long
Create a password with 14 or more characters.
Brute-force attacks, wherein all character combinations are attempted in order to guess a password, are most successful for short passwords.
Whereas a password made up of 8 characters could take only hours to crack, passwords over 14 characters would take centuries.
Random
Avoid common phrases, words associated with your identity (e.g.; name, username, job, family members, hobbies, interest) and other easily guessable words or strings of characters.
Complex
Use a combination of uppercase and lowercase letters, numbers, and special characters.
🔐 Where possible, use passkeys over passwords.
Passkeys are digital credentials, stored on a device and generated through public-key encryption, whereby authentication is performed by nature of the device being trusted, rather than you providing a password.
📱 Enroll in the University’s multi-factor authentication (MFA), if you haven’t done so already.
🔓 Use a password manager to help prevent password reuse.
When passwords are reused across multiple accounts, a single data breach or successful phishing attempt could result in malicious individuals gaining access to the various accounts where that password was used.
🎣 Be aware of known phishing attempts and report suspicious emails to help protect your and others credentials.
Page Properties | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||
|
🔍 Search
Live Search | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
✉️ Additional help
👥 General
🔬 Researchers
https://security.utoronto.ca/services/research-information-security-program/
\uD83D\uDCCB Related articles
Filter by label (Content by label) | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
|