We have so much to remember every day. Add to that the dozens (or more) passwords and PINs we must remember in order to log in to work and personal accounts, and it’s easy to feel overwhelmed.

And when we’re overwhelmed, it’s easy to let good security habits lapse.

However, passwords and PINs protect so much sensitive data, good security habits are critical. Try these three best practices to keep your passwords and PINs safe.

(1) Create Strong, Unique Passwords and PINs (Personal Identification Numbers)

More than 90% of us know it’s risky to reuse a password or PIN across accounts. Research shows that at least 60% of us do it anyway. The leading cause of password reuse is password fatigue. We have too many accounts and it’s nearly impossible to remember complex passwords for each one.

Fight the fatigue, though, because password reuse is a leading cause of account compromise. Imagine you’ve used the same password for your work email and a social media account. Now, imagine that an unreported data breach on the social media site exposed your password. Suddenly, your work email account is vulnerable because it uses the now-exposed password.

A strong CNetID password is your first line of defense against anyone trying to gain access to your University account. To create a strong CNetID password, choose one that contains at least 12 characters and combines uppercase and lowercase letters, numbers, and symbols. You can also select a passphrase, which contains at least 19 characters, including punctuation and spaces between words or letters.

Remember to update your password regularly.

(2) Keep Your Credentials Secret

Protect your passwords and PINs like the valuable assets they are. Your login credentials are often the only things that protect your money and data from cybercriminals. Keeping your credentials safe means not writing them down, not sharing them, and not letting others watch when you enter them.

  • Do not write down credentials
    • Avoid the temptation to write down PINs and passwords, even if you think your hiding spot is great.
  • Do not share your login
    • You can’t control what that person does with your credentials.
    • Already shared your password? Change it now.
  • Strongly discourage “shoulder surfing”, the act of looking over one’s shoulder, when entering credentials in the office or public places, such as banks.
    • Shield your credentials when you enter them
    • Ask coworkers and  patrons to please step back to respect your privacy

(3) Store Your Credentials Safely

You might ask yourself, “If I need a unique password or PIN for each account, and if I can’t write those down, how will I remember all of them?” We’re glad you asked.

Strong, complex passwords can be difficult to create and remember. Consider using a password manager. This tool lets you create strong, unique passwords for each account without having to remember all of them.

Think of a password manager like a digital safe. It securely stores and manages usernames, passwords, and PINs for all of your individual accounts. To access the information, you create a strong master password. This master password is the key to your “safe” and the only password you need to remember.

Password managers, such as Password Safe or LastPass, generate strong passwords and store them securely in one place. To compare features among the most popular password managers, view a list from PC Magazine.

Don’t store your login credentials in a browser. While it might seem convenient to let your browser save your login information, avoid this habit. Not all browsers store usernames and passwords securely.

Do Your Part #BeCyberSmart