In recognition of October as Cybersecurity Awareness Month, we’ve put together a weekly email series designed to help you stay safe online. Each week in October, we'll send practical tips and updates on the latest cybersecurity threats and best practices. From securing personal devices to protecting sensitive data, the email series will provide valuable insights to help enhance the State of Vermont’s digital security.  

WEEK ONE

PASSWORD COMPLEXITY

What is Password Complexity?

Password complexity is any requirement that a password must meet to be considered secure. 

1. Length: Most programs have a minimum number of characters because shorter passwords are more vulnerable.
2. Complexity: The requirement that passwords include a mix of uppercase letters, lowercase letters, numbers, and special characters.  

What steps can we increase password strength? 

1. Avoid repetition and simple patterns 
   To strengthen password security, avoid repetition and obvious patterns. Use a mix of uppercase and lowercase letters, numbers, and special characters. A strong, unpredictable password is crucial for protecting against unauthorized access. 
2. Use different passwords for all devices and accounts 
   Using different passwords for each device and account is essential for maintaining strong security. If one password is compromised, unique passwords prevent widespread access to your other accounts. This strategy minimizes risk and enhances overall protection, ensuring that a breach in one area doesn’t jeopardize your entire digital life. 
3. Avoid personal information 
   Avoid using personal information in your passwords, such as names, birthdays, or addresses. This type of information is often easily accessible or guessable, making it easier for attackers to gain access to your accounts. Instead, create passwords that are completely unrelated to your personal details to enhance security and protect your sensitive information. 
4. Avoid common substitutions 
   Avoiding common character substitutions, like replacing "o" with "0" or "i" with "1," is crucial for password strength. Many attackers are aware of these tricks and can easily account for them in their guessing strategies. Instead, focus on creating entirely unique passwords that don’t rely on predictable patterns or substitutions, making it harder for anyone to crack your credentials. 
5. Try using a passphrase
   A passphrase combines several random words or a meaningful sentence, creating a longer and more complex string that’s harder to crack. This approach allows for greater creativity and personalization, reducing the likelihood of forgetting your password. Additionally, the length and randomness of a passphrase can significantly improve protection against brute-force attacks.