May 4th is World Password Day - it's good to have a day to consider how secure your passwords are and where you store that information.
Intel created World Password Day - the first Thursday of May - to address the critical need for solid passwords. The day was first celebrated in 2013, and since then it has become an important reminder to take password security seriously. In a world where technology is increasingly integrated into our daily lives, our passwords serve as the first line of defence against cyber attacks. This article gives a high level view of keeping your password up to date with current views of what is a good password and more detail about the history of World Password Day: National World Password Day
We think it's a crucial element of to cyber security to have good ethos about password security in an organisation and have created some help and guidance all across our Knowledge Bank:
 A Guide to multi-factor authentication - where possible, turn on multi-factor authentication |
| Model Password Policy Template -consider a password policy |
| Password Security Learning Nugget - train staff about password best practice |
| Create a strong password - download awareness poster |
| Keep it Strong - Keep it long - download awareness poster |
| Password Best Practice Library - general support and guidance |
| Password Best Practice Checklist - a checklist to see where you are with password best practice |
There should be rules set to ensure strong, complex passwords - the National Cyber Security Centre provides guidance about Passwords: NCSC Updating your approach with passwords
Further password advice from the Government: Password Guidance Simplifying Your Approach
Consider password security in relation to data protection: ICO Password Guidance
What to do in the event of a cyber attack?
Tell someone! Report to IT. Report to SLT.
Unplug the computer from the internet by removing the ethernet cable or turning the Wi-Fi off.
If you are a victim of a ransomware attack we would recommend reporting this to Action Fraud: https://www.actionfraud.police.uk/ as well as your data protection officer so they can advise about the data loss. Most cyber crimes like these will also need to be reported to the ICO by your data protection officer.
Isolate the infected device and pass to IT
Always ensure there are backups you can restore from.