 | Don't use easily guessable PassPhrase. A few examples of easily
guessable PassPhrase are spouse's name, dog's name, room number, school
name or mascot, building name, zip code.... |
| Change all default passwords immediately on the first login. |
| Don't post your PassPhrase on a sticky note on your monitor, phone,
keyboard, etc. Don't think that putting it under your calendar or in
your desk drawer will help (1st places an intruder will look) |
| Your supervisors cannot require you to reveal your passwords for any
reason. Contact Human resources if you cannot resolve this request. |
| Change your PassPhrase regularly. If you think someone may have your
PassPhrase, change it NOW. |
| Don't reveal personal information on the phone or via e-mail. Social
engineers are known to ask seemingly innocuous questions that will
reveal confidential information. |
| If an ITCS service technician needs your PassPhrase you need to
provide it in person and not over the phone. Obtain identification from
the technician unless you know him/her. Change the PassPhrase when the
technician leaves. |
| Don't use the "remember the password" feature when logging on. This
means your password is either stored on your computer or cached in
memory. Others can then log into the application on your computer
without using a password. Hackers can also find the password file and
use it to log on. |
| Don't use Password Manager or Saver programs that offer to store
your password for you. What happens if these sites are compromised? |
| Lock your computer whenever you leave it. |
