Creating strong passwords for every account that you use is important because doing so keeps hackers from accessing your personal information. This article will help you understand why it's important as well as how to create and manage these passwords.
Some common ways that hackers get your password:
- Dictionary or brute force attack - they use a program that uses trial and error to guess your password. If you use a simple password, it's easy for hackers to gain access to your account this way.
- Phishing - you accidentally click on a link in a phishing email and you enter your email address and password on a site that's pretending to be outlook.com or something similar. Now the hackers know your email address and password and they can access your account.
- Social - a hijacker targets you and guesses your password by using information that you've posted online, such as children or pet names.
- Data breach - a website that you use (such as yahoo.com) suffers a data breach and your email and password combination are revealed to hackers
The risk of using the same password on multiple sites
If you use the same username and password combination on multiple sites, if a hacker figures out your password on one site, they can then easily use that same password to access your information from other sites that you use.
How to create a secure password
We highly recommend using a password manager such as Bitwarden or 1Password. These services will help you create secure passwords, but only require you to remember ONE easy password to access those accounts. Take a look at this video to learn how they work (this video is hosted on Office365, so it's going to ask you to enter your school email and password to view).
If you decide not to use a password manager, take a look at this article that explains how to create passwords that are more secure.
Multi-factor authentication
Many services offer something called multi-factor authentication (MFA) to keep your account even more secure. If you have MFA enabled for a certain account, you will enter your username and password, and then you'll be asked to also enter a code that is sent to you through a second method, such as a text message or phone call. This short video explains the process. Although this is slightly inconvenient, it greatly enhances your security, because a hacker would need to know your password and also have access to your secondary device in order to get into your account. If you'd like to enable MFA on your school email, please send us a request to turn it on support@leahschools.org
Password resets
If you have the ability to reset passwords on any school platform, please be wary of people emailing you to ask for a password reset. Contact them through a secondary method, such as a phone number or parent email, to make sure you're talking to an actual person and not someone who has gained unauthorized access to a student or staff email account.
Where do I start?
If you'd like to create more secure passwords but you don't know where to start, you can look at the passwords that you've asked your browser to save for you. Take a look at this article to find out how to see them. You can go to those sites and create new passwords one by one. If there are so many passwords that it seems overwhelming, set an alarm on your phone and just take 5-10 minutes each day and reset one or two every day until every website you visit has a different password.
Questions
If you have questions about anything, you can always open a ticket with us by emailing support@leahschools.org. We will be happy to help you out.