Passwords and Your Information Security

By Rob Dunkleberger, Chief Information Officer

Information security is an ongoing challenge at Lycoming College as students and employees face the same increase in cyber threats that homes, businesses and government agencies have experienced.

Passwords have become essential in our daily lives; we use them to access applications at work, and for online banking, shopping and credit card websites.

How is it humanly possible for us to remember so many passwords without writing them down on a post-it note taped to the bottom of our keyboard, in a notebook, or swapping between a set of 3 passwords we can easily recall from memory?

One easy way to manage your passwords is to use the technology available in your smartphone. Some researchers believe these devices to be an extension of our human capabilities (see one of my favorites, “We Are All Cyborgs Now”, a TED talk by Amber Case), so why not use it to assist with things our human brain is not able to accomplish?

One password management application I recommend is LastPass, which you can run in a web browser as an extension and on your mobile phone as an app. Once installed, whenever you go to a new website that asks for a complicated password, turn to LastPass to generate that secure password for you, and store it along with the web address. Therefore, when you are on the go and cannot remember the web address and other information for your favorite sites, rest assured that your information is securely stored and easily accessible in LastPass.

I am sharing LastPass because it is the one I use and trust, but certainly there are other password management tools available. Google has another popular password management tool that is also free for personal use.

If you are truly devoted to protecting your personal information, why stop at setting up a password management tool? With LastPass and similar tools, you have the ability to turn on Multifactor Authentication. Multifactor authentication is simply an enhanced way to securely access your vault of passwords and personally identifiable information (PII). With multifactor authentication, when logging in to LastPass, you will be asked to provide two pieces of information — “something you know” (master password), and “something you have” (push notification to your mobile phone). This means you will now have two layers of security to protect your most sensitive personal information.

I am sure this is sounding a little complicated, but do not let it overwhelm you. LastPass explains all of this information in detail on the “How It Works” section of their website.

Talk about information security with your family, friends and colleagues. Awareness is one of the best ways to educate and protect us from unwanted risk in this evolving technology enhanced world.