Password security a must for Airmen

  • Published
  • By Airman Jason Wiese
  • 90th Missile Wing Public Affairs
One Airman might log into his online banking to find his assets wiped out. Another might log into a social networking site to find her reputation ruined. Perhaps worst of all, another Airman might discover he allowed someone access to sensitive information.

This is the reality that many people face because of weak passwords or unsecure information assurance practices.

Regardless of what their jobs are, all Air Force personnel should maintain strong passwords for their various accounts, work-related or personal.

Airmen are heavily dependent on computers to complete their missions.

"Without a computer, I wouldn't be able to do most of my job," said Airman 1st Class Maurice Ojwang, 90th Comptroller Squadron customer service technician.

Ojwang's work in the finance office gives him access to personal information about base personnel and he is passionate about protecting their information.

"We're protecting our own members in the Air Force so they can perform their missions without worrying that we're insecure," Ojwang said.

Like it should be for all Airmen, information security is a major facet of Ojwang's mission.

For Airmen such as Ojwang, information security begins with having strong passwords to keep those who do not need access to sensitive information from gaining access to it.

"All Airmen are trained to not give their passwords to anyone; however, they should be aware of inadvertently giving their passwords out," said Staff Sgt. Chase Waldron, 90th Communications Squadron wing information assurance noncommissioned officer-in-charge.

It's not just work-related accounts that are an issue. When an Airman gets a personal account hacked into, that Airman is placed under extra stress and turmoil and this has an adverse affect on the Air Force's mission, Waldron said.

By creating weak passwords, individuals can provide an easy means for hackers to learn what their passwords are. Weak passwords hackers can guess include those with consecutive numbers or letters such as "1234" and "abcd," and dictionary words like "apple" or "password," Waldron said.

Airmen should also make passwords they can remember so they are not forced to write them down. If passwords are written, others who should not have access can find them and access that individual's account, Waldron said.

To further enhance one's security, Waldron suggests passwords that are at least 15 characters long and include two of each of the following: upper and lowercase letters, numbers and special characters.

Increasing the number of possible characters and length increases the password's complexity. This makes it much harder for hackers to guess someone's password.

"The more complex it is, the harder it is to crack," said Waldron.

Waldron said people should avoid using the same passwords for multiple accounts. If someone who uses one password for multiple accounts has one account hacked, all of that person's accounts will have been hacked.

Individuals should change their passwords often because hackers can utilize devices to guess passwords given enough time. This is why Airmen are required to change their passwords at certain intervals, Waldron said.

Security questions are another security concern. Hackers can learn seemingly innocuous information about individuals and use it to gain access to their accounts by answering the security questions. By posting personal information online or selecting security questions that ask about readily accessible information, it is possible to give hackers the information necessary to answer a person's security questions, Waldron said.

"A lot of people put too much information on Facebook," he said. "Whatever you put online is going to be there for life pretty much."

Other methods of gaining someone's passwords are more subtle.

Someone using a laptop in a public place might be in the presence of foreign or domestic threats with devices that can remotely track every keystroke. This is a way of gaining access to passwords and sensitive information, Waldron said.

Still, other methods of bypassing secure passwords are less subtle. Often, an Airman might bring work home with a laptop or similar device. This makes it possible for those who would like to gain access to information by breaking into homes or vehicles and stealing the Airman's equipment, Waldron said.

No matter how hackers try to obtain or bypass our passwords, we can maintain security by following all training we have received in information assurance, having strong passwords and maintaining constant awareness.

"It's every Airman's responsibility to ensure the highest levels of security are maintained," said Col. George Farfour, 90th Missile Wing vice commander. "Without the constant vigilance of each Mighty Ninety team member, we cannot hope to accomplish our nuclear surety mission."