InfoSec / Cyber

World Password Day - May 4th

World Password Day - May 4th

May 4th is World Password Day - it's good to have a day to consider how secure your passwords are and where you store that information.

Intel created World Password Day - the first Thursday of May - to address the critical need for solid passwords.  The day was first celebrated in 2013, and since then it has become an important reminder to take password security seriously.   In a world where technology is increasingly integrated into our daily lives, our passwords serve as the first line of defence against cyber attacks. This article gives a high level view of keeping your password up to date with current views of what is a good password and more detail about the history of World Password Day: National World Password Day

We think it's a crucial element of to cyber security to have good ethos about password security in an organisation and have created some help and guidance all across our Knowledge Bank:  

 A Guide to multi-factor authentication - where possible, turn on multi-factor authentication
 Model Password Policy Template -consider a password policy
 Password Security Learning Nugget - train staff about password best practice
 Create a strong password - download awareness poster
 Keep it Strong - Keep it long - download awareness poster
 Password Best Practice Library - general support and guidance
 Password Best Practice Checklist - a checklist to see where you are with password best practice

There should be rules set to ensure strong, complex passwords - the National Cyber Security Centre provides guidance about Passwords: NCSC Updating your approach with passwords

Further password advice from the Government: Password Guidance Simplifying Your Approach

Consider password security in relation to data protection: ICO Password Guidance

What to do in the event of a cyber attack?

Tell someone!  Report to IT. Report to SLT. 

Unplug the computer from the internet by removing the ethernet cable or turning the Wi-Fi off.

If you are a victim of a ransomware attack we would recommend reporting this to Action Fraud: as well as your data protection officer so they can advise about the data loss.  Most cyber crimes like these will also need to be reported to the ICO by your data protection officer.

Isolate the infected device and pass to IT 

Always ensure there are backups you can restore from.

Little Guide to ACTION FRAUD