Safeguarding Data Starts with a Strong Skyward Password

#Security

Mike Bianco

by Mike Bianco

Mike Bianco Vice President of Information Security

Read time:

A strong password or passphrase can be the difference between secure district data and a cybersecurity disaster. It sounds dramatic, but it’s true.

That’s why it’s imperative everyone in your district follows best practices when creating their credentials.

What’s the difference between a password and a passphrase?

Passwords are typically composed of up to 10 letters, numbers, symbols, or combinations of these characters. Most people were taught to create strong passwords by substituting letters for numbers or symbols—for example, password, becomes p@ssw0rd. Tricky, right? Well, unfortunately, criminals know this game too, and even complex passwords with substitutions are relatively easy to crack for both humans and robots. Online criminals have also developed state-of-the-art hacking tools designed to crack even the most complicated passwords.

A passphrase, on the other hand, is longer than a password and contains spaces between words. Here’s an example: “The road to success is always under construction!” (Approximate crack time: 223,966,385,786,166,380,000 centuries)

A passphrase can also contain numbers or symbols, such as: “The r0ad t0 succ3ss is always under c0nstruction!” (Approximate crack time: 9.460,961,044,053,363e+24 centuries)

Want to test a passphrase’s strength? Visit www.useapassphrase.com to test one out.

Security professionals recommend passphrases over passwords because they are easier to remember, harder to crack, and can be easily modified to satisfy complex password rules.

How am I supposed to remember all these passphrases? A sticky note?

Please no! A password manager is here to help. Password managers store all your passphrases for you. That way, you only need to remember one (VERY strong, unguessable) passphrase.

There are a number of password managers out there, but two we recommend are Bitwarden and 1Password. Both have great reputations and strong security. Bitwarden has a free option that gives you a lot of functionality; it also offers an inexpensive paid tier with extra features. 1Password is an inexpensive option that offers a more polished, feature-heavy experience.

Regardless of which password manager you choose, remember to create a strong, secure master/vault password. Never write this password down or share it with anyone. Having a strong master password creates a huge hurdle for any hackers trying to access your account.

But wait, there’s more!

Using strong passphrases is important, but there’s more you can do to keep your data safe. Whenever possible, enable multi-factor authentication (MFA). Skyward offers MFA to give your data a massive security boost. With MFA enabled, when your credentials are entered, an approval notification will be sent to your trusted device or email (or both) so you can approve or deny any attempts to log in. This extra step provides an additional line of defense in case your credentials fall into the wrong hands.

Keeping your district safe starts with you—it starts with every person who has access to district data. Play it smart, stay safe, and make sure every passphrase you use is strong!

Follow-up Resource: Skyward Security Best Practices

Take a deep dive into applying security best practices to your Skyward applications.