News
Cyber Security matters – #3 unique passwords and using your Sussex email account safely
Posted on behalf of: The Better Sussex Team
Last updated: Monday, 22 April 2024
Using your Sussex email account for non-work activity
We know, it can sometimes feel more convenient to use your Sussex email address to sign up for non-work accounts like Amazon or Spotify, but please don’t do it!
Each time you use your Sussex email address for a non-work activity, you increase the chances that your email details could be compromised.
For context, in January 2024, 155 Sussex email addresses were involved in third party compromises and in February this figure increased to 743.
Why is a unique password important?
Using a strong ‘unique’ password for your Sussex email account that you don’t use anywhere else is critically important to help protect you, your work and the University.
Whilst using your Sussex email address to sign up for a third-party account is problematic in itself, using your Sussex password too gives a hacker everything they need to access your Sussex account immediately.
And the more you use the same password, the greater the risk that cyber criminals could access and take advantage of several of your work or personal accounts in one go.
You can find guidance on setting up a strong password on our webpages.
Case files - a real world example
Research conducted in March 2021 by the National Cyber Security Centre (NCSC) found that 15% of the UK population used pets' names,14% use a family member's name, and 13% pick a memorable date when choosing an online password.
NCSC Communications Director Nicola Hudson notes: “using your pet's name as a password could make you an easy target for callous cyber-criminals." The same applies to family names and birthdays which can also be found easily online by cyber criminals searching through social media.
Using a password that can be easily cracked is a big problem, but what can make things even worse is using the same password across multiple accounts.
A 2021 survey conducted by PC Magazine in the United States found that 70% of respondents admitted to using the same password for more than one of their online accounts and 21% of those surveyed admitted to using the same password for all their online accounts.
This means of course that when a cybercriminal gets your password for one of your accounts, they now have your password for everything.
Source: PCMAG.COM, BBC News
How can I minimise these risks?
When we talk about cyber threats like this, it can feel a bit overwhelming, but as ever, following a few simple rules can help to keep everyone safe and secure.
-
Use your Sussex email account for work related activities only
-
Use different passwords for all your accounts
-
Where possible, enable multi factor authentication on your accounts
-
If you suspect your email account has been compromised report to IT Services - please don’t be embarrassed or worried, it can happen to any of us.
How to learn more
Contact
Contact the School office: lps@sussex.ac.uk.