October is Cybersecurity Awareness Month! Hosted by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCSA), the overarching theme of this month is to encourage individuals and organizations to “own their role in protecting their part of cyberspace, stressing personal accountability and the importance of taking proactive steps to enhance cybersecurity”. In addition to this overarching theme, each week of this month will focus on a different aspect of cybersecurity and will include some recommended action items from ITS to help keep your part of cyberspace as secure as possible!
In addition to applying updates as soon as possible, another fundamental principle of keeping your devices and accounts secure is to manage your passwords safely and effectively. Chances are that you have been impacted by at least one of the major password breaches that have been in the news. If you haven’t used haveibeenpwned.com to see if your accounts have been breached, we encourage you to do so as frequently as possible. Another one of the most common security risks is malware that attacks your browser’s built in password manager (ex: when you allow your browser to “save” or “remember” your password). If you save your passwords directly to your browser, you are more exposed to these types of attacks that could lead to catastrophic data loss, ransomware, or identity theft.
LastPass takes the headache out of managing passwords by allowing you to easily create, store, update, and access all your passwords securely in a central location. The tool can be installed as a browser extension in your favorite web browsers as well as an app on your smart devices. You can sign up for your free premium account following these instructions on the ITS website.
Here are some quick videos that demonstrate some of our favorite features:
- Using the LastPass browser extension
- Using LastPass on your mobile device: (iOS)/(Android)
- Adding and filling sites
- Filling forms
- Generating a secure password
- Many more convenient features/demos can be viewed on the LastPass YouTube channel.
After creating your premium account, here are some helpful steps to get up and running as a master LastPasser:
- Setup multi-factor authentication for your LastPass account
- Setup account recovery options for LastPass
- Import passwords from other sources
We strongly feel that not only is LastPass a majorly convenient and intuitive timesaver, but that it is a practical benefit that all UPenn staff, faculty, and students should take advantage of. As always, feel free to reach out to ITS at itshelp@law.upenn.edu with any questions or if you’d like to schedule a time to learn more about LastPass by speaking directly with a member of ITS.