IUP artmark

Personal Security Practices

  • Protecting Your Password

    Creating More Secure Passwords

    E-mail Attachments

    Other Security Measures

    More Information on PC Security Practices


    This webpage provides tips for mitigating technology-related risks while getting the most out of your computing environment by addressing personal security practices and offering suggestions related to passwords and e-mail attachments.

    Protecting Your Password

    These days, almost everything we do requires a PIN number or a password. There are so many that we sometimes can't keep track of them. While we may find passwords somewhat annoying, and even take them for granted, it is important to remember why passwords are important.

    Passwords are often the first, and sometimes the only, defense against unauthorized access or intrusion of a specific computing system. For this reason, creating and maintaining secure passwords is the single most important step to protecting yourself from unauthorized use of your computing resources.

    To protect your password:

    • Never share your password with anyone.
    • Never give your password to someone over the phone or send it in an e-mail message.
    • Change your password frequently (at least every six months).
    • Commit your password to memory. Never write it down!
    • When prompted to save a password on the Internet, choose No!
    • If you think your password has been used to gain unauthorized access to a computing resource, change it immediately!

    Creating More Secure Passwords

    Although passwords are a vital component of system security, they can often be cracked or broken relatively easily. Password cracking is the process of figuring out or breaking passwords in order to gain unauthorized entrance to a system or account.

    Because there is always an ongoing threat of password cracking, we must develop good, strong passwords. Here are a few suggestions when creating and maintaining your passwords (this information is from the U.S. Computer Emergency Response Team (US-Cert) webpage)

    Good practices for choosing secure password:

    • Use a combination of upper- and lowercase letters, numbers, and special characters, using at least eight characters.
    • Develop a mnemonic for remembering complex passwords.
    • Use different passwords on different systems.

    Good examples:

    • “The rain in Spain falls mainly on the plain” could become TriSfmotp_%9
    • “There’s a snake in my boot” could become Ta$imb-6

    Poor practices for choosing a secure password:

    • Do not use passwords that are based on personal information that can be easily accessed or guessed.
    • Do not use words that can be found in any dictionary of any language, or common phrases of any language.

    Poor examples:

    • Names of family members or pets, birthdays, social security numbers, phone numbers, addresses.
    • cestlavie
    • thatslife

    E-mail Attachments

    Even though a number of methods are used to protect you from becoming infected, new virus threats continue to be an issue, particularly with e-mail attachments. The IUP e-mail server blocks some attachment types (see E-mail Attachment Filtering) that are known to spread viruses. You should still exercise extreme caution when receiving e-mail with attachments, even from people you know. Most viruses “spoof” or “fake” the sender’s e-mail address, making it look like the message is from someone you know. If you weren’t expecting an attachment, consult with the sender before opening it, or simply delete it. When in doubt, don’t open it.

    Other Safety Measures

    One other step in keeping your office computer safe is logging off each day but leaving your PC on so that it receives any necessary security patches or virus updates during the overnight hours.

    Also, if you are going to be away from your computer, you can lock it to prevent someone else from using your account. In Windows, you can lock your computer by pressing Ctrl-Alt-Del simultaneously, and click on “Lock Computer.” You can unlock it when you return by pressing Ctrl-Alt-Del again and entering the password you used to log on to the computer.

    You can also use the Windows screen saver to lock your computer automatically after a period of inactivity. To do this:

    1. Right-click on a blank area of your desktop.
    2. Choose Properties.
    3. Click on the Screen Saver tab.
    4. Select one of the built-in screen savers from the pull-down list.
    5. Select the number of minutes to wait before the Screen Saver activates.
    6. Be sure that “On resume, password protect” is selected.
    7. Click Apply, then click OK.

    More Information on PC Security Practices

    The U.S. Computer Emergency Response Team (US-Cert) offers extremely valuable information regarding PC security practices. Please take a moment to review these US-Cert websites to aid in protecting your PC and yourself.

    Cyber Security Tip ST04-002

    Cyber Security Tip ST04-003