Use passphrases to fend off cybercriminals

Did you know a password like G0!pack1 can be cracked by cybercriminals in just a few minutes?

It’s tempting to use — and reuse — passwords like this when you’re experiencing password fatigue. In fact, a study from NordPass estimates the average person has 100 passwords. That’s a lot to juggle.

Passwords are one of the most common ways cybercriminals hack into systems — potentially gaining access to your personal information as well as sensitive NC State data. That means every weak or reused password puts the whole Wolfpack community at risk.

Here are a few ways you can up your security game.

Opt for Passphrases Over Passwords

You’re probably used to hearing that passwords are most secure when they’re complex, using a combination of uppercase and lowercase letters, numbers and symbols. The more complex, the more secure — but that also makes them harder to remember.

Passphrases are a smarter choice. A passphrase is simply a long series of words such as Mr Wuf is my pal or strawberry-shortcake-with-Howling-Cow. It’s the length rather than complexity that makes passphrases secure. Compared to G0!pack1, it would take billions of years to crack a passphrase like Mr Wuf is my pal. It’s also easy to remember.

Always Create a Unique Passphrase

Every account should have its own passphrase, and changing just a few characters isn’t enough.

Let’s say you use the same or a similar password or passphrase for your NC State, Amazon and Netflix accounts. If a cybercriminal gets your credentials for one account, they’re just a few steps away from accessing your inbox, benefits or financial aid records, banking information and more.

Let a Password Manager Do the Work

To help combat password fatigue, consider using a password manager. A password manager is a tool that securely stores your login credentials for multiple accounts and can even log you in to those accounts automatically. You only have to remember one password. Password managers can also generate strong passwords for you.

LastPass Enterprise is available to NC State employees. This password manager can be installed using any device, operating system or browser. Learn about LastPass licensing through OIT Vendor Risk & License Management.

Use Two-Factor Authentication (2FA)

Be sure to set up 2FA for every account, even personal accounts, to further protect your data. NC State uses Duo Security as its 2FA solution, and the Duo Mobile app is a convenient way to manage those 2FA requests. See How do I add a new device to Duo? to enroll your devices.

To learn more about passphrases and best practices, see NC State Password Guidelines and Password Standard. If you have questions or need assistance, contact the NC State Help Desk via the NC State IT Service Portal or call 919.515.HELP (4357).