Password Cognitive Dissonance: America's Cyber-Security Problem

According to Gerald Beuchelt, the Chief Information Security Officer at LogMeIn (the makers of LastPass), awareness of cyber threats increases every year globally, yet the way we use and record passwords, and the strength of those passwords, remain constant. In fact, according to LogMeIn, “53% of consumers haven’t changed their passwords in the last 12 months” despite hearing about security breaches in the news. Consumers would also rather have a password that’s easy to remember than one that’s secure. This means there is cognitive dissonance surrounding passwords for the majority of Americans -- a difference between what we know and what we choose to do about it.

With the introduction of Multi-Factor Authentication (MFA) processes, accounts are much better protected. In fact, 54% of people report using MFA for personal accounts. This additional protection is why at UVA most account access requires MFA.

Whether you are an employee looking to further secure your personal and work accounts or a manager encouraging your team to adopt better password protection habits, you can use these strategies, suggested by LogMeIn, to better combat cyber risk:

  1. Create different passwords for every account and make sure they are all strong. This means replacing passwords that are easy to remember with randomly generated sequences of numbers, letters and symbols. This is easy to do if you have a good password manager that keeps track of your password for each corresponding account. UVA provides a free premium LastPass subscription for faculty, staff and students in the UVA Academic Division, employees of University-Associated Organizations (aka Foundations) and alumni with an @virginia.edu email address.

  2. Turn on MFA for any accounts that offer it. 

  3. Keep your software up to date. 

  4. Keep a close eye out, as always, for phishing, COVID-19 related scams, and other types of cyber attacks.

The easiest way to overcome these shortcomings is to download LastPass. It automatically and securely keeps track of all your passwords so that you don’t have to. Additionally, if you want to extend LastPass’s protection to your entire family, you can purchase the family subscription for only $4 a month. The family password manager allows you to keep track of your shared and individual passwords and prevents password loss issues, especially for children.
