Email this Article Email   

CHIPS Articles: Password Management Security

Password Management Security
By Lt. Cassandra Pristas - April-June 2017
Password management is an important part of protecting your identity and security. Reputable websites require a username and password to ensure your personal information is protected while you are conducting transactions. Using a password management application tool will help you manage and keep track of all your usernames and passwords securely.

Be mindful that no matter where you are on the internet never save or store passwords to a website. This can be tempting to save time; however, the time you will spend retrieving your lost data or recovering from identify theft could take months or years to repair.

Always clear the cache from a public workstation as a safety precaution. Never let your guard down when using a public computer and be sure to stay vigilant when accessing unsecure websites.

Take extra precautions in traveling through airports, staying in hotels and using public Wi-Fi hot spots. Avoid logging in and accessing your accounts on an unsecured Wi-Fi access point.

A good practice is to set your personal workstation settings to clear the cache every seven days.

There are a number of methods to help protect against password compromise, including these tips:
- Never use the same password for multiple accounts.
- Use long and complex passwords. Shorter passwords are much more vulnerable to attack.
- Change passwords every 90 days.
- Do not use Social Security numbers, birthdates or names in passwords.
- Use a combination of special characters and upper and lower-case letters in passwords.
- Never use “password123” — it is a common password and easily compromised.
- Be observant while entering your username and password in public locations to avoid a shoulder-surfing attack.
- Legitimate companies will never send emails asking for username credentials. If you receive an email purporting to be from a trustworthy company with a link to change your login credentials, this is a hoax and phishing attempt to trick you into giving sensitive information to scammers. Delete the email and report the incident to the company being impersonated.
- Never click on a link from an unknown source.
- If a website provides a password security analyzer, check the password strength for security. If the website does not provide a password analyzer, visit The Password Meter.
- Make sure workstations are up to date with anti-malware and anti-virus applications.
- Never reuse a password that was used in the past.
- Be sure workstations are locked when not in use. Not locking your workstation can leave it vulnerable to compromise.
- If you have a difficult time remembering passwords, write them down, but keep them in a locked and secured location. Never place your passwords underneath your keyboard.
- Use a password management application tool. LastPass, Dashlane and KeePpass are great tools to use on your mobile device or workstation.

Lt Cassandra Pristas is the N6 department head for Navy Information Operations Command (NIOC) Pensacola, Florida.

FORT MEADE, Md. (Nov. 10, 2016) Continue to use strong passwords and change often; protect your personal and private information — in every communications medium. Don't make yourself an easy target. Dept. of Defense graphic by Nathan Quinn/Released
Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer