News HighlightsPage address: https://www.mnsu.edu/news/read/?id=old-1475779874&paper=topstories
Online Privacy is Non-Existent, says Faculty Member
Chris Veltsos' talk kicked off National Cybersecurity Awareness Month at Minnesota State Mankato.
Kristine Goodrich, Mankato Free Press, 10-4-2016
MANKATO — Joe98 would be a very weak password for a Minnesota State University, Mankato student named Joe who was born in 1998.
Hackers could easily guess that password because it’s too personal, too short and doesn’t have any special characters, said Minnesota State Mankato associate professor Chris Veltsos.
JoeMSU98 would be a little better, but still too personal, short and in need of special characters.
While it’s tempting because it’s easier to remember, online passwords should not be comprised of a name, birth year, school of attendance or other personal information that thieves could glean from social media, Veltsos said.
“You might not like to do your homework, but hackers will do their homework,” the computer information science department faculty member said during a Monday lunchtime presentation.
Much of Veltsos’ talk that kicked off National Cybersecurity Awareness Month observances at Minnesota State Mankato focused on passwords for online accounts.
The best passwords are randomly selected, contain some characters that aren’t letters or numbers, and are as long as the account will allow, Veltsos said.
Internet users should never use the same password for more than one account, the local cybersecurity expert urges. Hackers who obtain your password from one account are likely to try to use it to access other accounts as well, he said.
But for most people that’s not an easy recommendation to fulfill. Internet users have on average 26 different password-protected accounts, according to Veltsos.
He suggests using a digital password management system to generate random passwords for each account and keep track of all those passwords. There are free options as well as fee-based options that offer additional services such as alerts about data breaches.
Not even password management systems are immune from hacking, however. Thus Veltsos recommended people memorize random and long passwords for their most sensitive accounts, or store them in non-electronic form in a secure location such as a safe.
Other ways people can best protect their personal data in cyberspace, Veltsos said, include regularly updating account security questions, using antivirus software, completing updates recommended by digital devices’ operating systems, limiting shared use of devices, never leaving mobile electronics unattended and setting up lock screens for all electronic devices.
He also suggested people think twice about every social media post, even on accounts that limit access to approved viewers.
“There is no such thing as private when you post anything online,” he said.
The professor also said people should monitor news of security breaches and change their account information whenever there is a breach that might have included their account.
The most recent significant breach was announced last month at Yahoo, he noted. More than 500 million Yahoo users’ names, email addresses, telephone numbers, dates of birth and security question responses might have been accessed, as well as encrypted passwords.
The entire version of this story can be read in a print copy of the Mankato Free Press. Call the Mankato Free Press at 625-4451 or (800) 657-4662 to find out how to purchase a print copy. The Free Press also prints select stories online at www.mankatofreepress.com.