Another tip in a series provided by the Offices of Information Security, Information Systems & Computing and Audit, Compliance & Privacy

As 2020 comes to a close (finally!), consider adding some routine password maintenance to your end-of-year To-Do list. There is debate in the information security community about the value of frequent password changes, especially if your passwords are unique, long and complex. However, there are still a few things you can check:

Are you using a password manager yet? Not only do password managers safely store your passwords and autofill them into websites, but they can also help you create new, complex passwords if you have accounts using weak or old ones. They can also make sure none of your passwords for various sites are duplicates. Password duplication can render multiple accounts vulnerable to abuse if a reused password is ever stolen or compromised. LastPass Premium, a popular password manager, is available to all eligible and active members of the Penn community. Learn more here: https://www.isc.upenn.edu/how-to/lastpass

Make sure you opt-in and use two-factor authentication on as many accounts that offer it, especially for sites that contain sensitive information like banking. Double-check your settings. If you need more information about Two-Step Verification for Penn accounts, you can find it here: https://www.isc.upenn.edu/how-to/two-step-verification-getting-started

Finally, go ahead and throw out all those passwords written on sticky notes under your keyboard and breathe a sigh of relief that your digital life is ready for the new year.

---

For additional tips, see the One Step Ahead link on the Information Security website: https://www.isc.upenn.edu/security/news-alerts#One-Step-Ahead