October 1, 2018

Cyber Security Awareness Month: Week 1 - Passwords

IT Security is an important aspect of keeping the BCIT community safe while also protecting our information. For the entire month of October, IT Services will be posting a series of topics which will dig into best-practices to ensure that we stay secure. What’s up first? Everyone’s favourite topic – Passwords!

Week 1: Change your password – It’s probably time!

Have you had the same password across multiple accounts for a very long time? It is probably time to change it. Use the following tips to keep yourself safe and your passwords strong!

Change your old passwords

Did you know: BCIT passwords must not be the same as any non-BCIT accounts or services (such as personal ISP accounts, free online email accounts, instant messaging accounts, or other online services). (BCIT Policy 3502)

Use a strong password

The more characters you have in your password, the longer it would take for a cyber criminal to hack your account.

A password of a minimum length of 15 characters is considered adequate.

Recently, experts discovered that using short and complex passwords can be impossible for people to remember. It is now recommended to use a longer password that is easier to remember. For example a password with four random words that is easy to remember such as HorseTableBucketCar is actually considered stronger than  r$x3H8<W

NOTE: The current BCIT guidelines dictate that passwords must be:

Never share your password

Section 6.3.4 in BCIT Policy 3502 states that BCIT passwords must not be shared with any other person at any time. The only exception is when an authorized user must delegate an account.

Don’t write it down

It's true, we all have too many passwords to manage. In fact, according to recent figures the average person has more than 90 online accounts to manage!

Password complexity has been ruled too complicated and impossible for people to remember. This leads to people writing them down on Post-Its and sticking them on their monitors. So the thinking today is for people to use words or phrases, that are easy to remember and long enough to meet requirements.

Don't keep track of passwords on post-its, in a notebook, or even in a .txt file on your desktop. You can use a dedicated password manager to help! Tools such as LastPass, DashLane, or KeePass help save you the stress of memorizing all of your passwords.

Additional Resources:


BCIT is committed to taking appropriate measures to preserve the confidentiality, integrity, and availability of information and information technology (IT). All users at BCIT are responsible for:
  • Taking appropriate measures to prevent loss, damage, abuse, or unauthorized access to information assets under their control
  • Promptly reporting all acts that may constitute real or suspected breaches of security including, but not limited to, unauthorized access, theft, system or network intrusions, willful damage, and fraud.
  • Looking after any physical device (tools, computers, vehicles, etc.) and access articles (keys, ID cards, system IDs, passwords, etc.) assigned to them for the purposes of performing their job duties, taking courses, conducting research, or otherwise participating within the Institute.
  • Respecting the classification of information as established by the information owner