Password Security & Using Unique Passwords

We all know how important it is to avoid reusing the same password across different sites. Easier said than done! Fortunately, Chrome has improved password protections that can identify passwords that have been compromised. Read on to learn more, as well as our best tips for using strong, unique passwords that you’ll actually remember!

Chrome’s New Data Breach Warning

If you use Chrome, you may have recently seen this warning: A data breach on a site or app exposed your password.

Sounds alarming! And for good reason. It means your password was compromised in a data breach on some external site or application. That is, someone has gained access to your password, which they could use to login to any website where that password is used. Any compromised passwords should be changed as soon as possible.

How are passwords compromised? There are, unfortunately, many different ways that your password can be exposed – hacking, phishing, insecure networks, and malware, just to name a few. Google has been collecting data from publicly-known hacking events, and uses this to generate a warning when you type in a compromised password. Read more about how this works in this post on the Google Security Blog.

This warning does NOT indicate any breach of Cerbo’s systems.

But if you see it for the EHR or Patient Portal, it does mean that same password, as used on some other site, was compromised and should be changed immediately.

Practical Tips

It is very important that you use a strong and unique password for the EHR and Patient Portal. But, by nature, that can make it hard to remember. And you do not want to physically write down your passwords, unless you’re also locking that info away. So what should you do?

  1. Use a secure password keeper program. One that we like and most often use at Cerbo is LastPass, but there are many others available. When choosing, make sure it is well-rated for security, of course, and that it works in your preferred web browser. That way, you can install your password keeper program on any device to be able to access your passwords. You can use your selected program to generate strong passwords, as well as remember and autofill your passwords.
  2. Set an extra-strong password for your password keeper program. But make sure it’s also something you’ll remember! One trick is to pick the line from a favorite book or poem, and use the first letter of each word to construct your password – substituting numbers and special characters for some of the letters. So, for example, “‘Hope’ is the thing with feathers That perches in the soul.” Might become H’1ttwfTp1t5. It becomes easier to memorize when you can remind yourself with the original quote.
  3. Make sure to log out of your password keeper program when leaving a computer unattended, or when finished using a shared device.
  4. Use 2-factor authentication for logging into the EHR. You can set this up by hovering over your initials in the top menu, and selecting “Two-Factor Authentication.”

Many security experts no longer recommend changing passwords regularly. That is because users who change their passwords frequently may end up taking shortcuts that make passwords weaker and more hackable. And it makes keeping track of your passwords harder. Instead, you should always use strong and unique passwords, and change them only if they have been compromised.