National Cybersecurity Awareness Month 2023

October is Cybersecurity Awareness Month and the Division of Information Technology is partnering with the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA) to share simple but effective tips for using technology.

Strong cybersecurity practices are the best way that you can digitally protect yourself and the Kent State community.

Since most cybersecurity news articles are about massive data breaches and hackers, it can seem overwhelming and feel like you’re powerless against it. We’ll work to prove to you that cybersecurity doesn’t have to be scary or too hard to understand. It can be easy to adopt secure habits and even bring you some peace of mind that your virtual life is safe.

Questions? Please email or visit


Managing and Maintaining Strong Passwords

Cyber threats continue to evolve and malicious actors are constantly looking for vulnerabilities to exploit. Weak passwords are one of the most common entry points for cyberattacks. The good news is that by following a few key best practices, you can help protect your account.

How to protect your account
  • Complexity is Key: Make each password long and strong.  The more characters in your password, the stronger it is. Mix special characters (e.g., &,! #) with numbers and letters to increase your password’s strength. You can see Kent State University’s password requirements here.
  • Avoid Password Reuse: Never use the same password for multiple accounts.  A breach of one account could jeopardize the security of all of your other accounts, if they share the same password. If you’ve used your FlashLine password with services outside of the university, please change your password to something unique.
  • Make a Passphrase: To make passwords easier to remember, use multiple words to create a passphrase, such as “Dont4getYourLunch!”
  • Use Password Managers: Password Managers, like LastPass, Apple Keychain and 1Password, can take the hassle out of remembering your passwords and can auto-fill them into login forms.  Additionally, they can assist with creating strong passwords for you. Even better, they can sync across all of your devices (computers, phones, tablets, etc.). Check out this tip sheet to learn more about password managers.

Want something fun to do? Check out this Cybersecurity Word Search!  Complete and submit your finished word search by Friday, Oct. 6th  and be entered to win a prize at the end of the month!  You can submit your completed search here.


Multi-Factor Authentication

Stealing passwords is one of the most common tactics that cybercriminals use to hack into other people's accounts. Multi-Factor Authentication (MFA) adds another layer of protection by requiring additional information such as a code delivered through an app or text message to gain access. Even if a hacker steals your password, without MFA, they won't be able to access your account.

How MFA makes your account more secure

It is worth noting that hackers are resilient.  While MFA does improve your security, a tactic that has started becoming more common is something known as an MFA fatigue attack (or MFA bombing).  This is when a hacker repeatedly tries to log in with stolen credentials until the victim approves one of the requests. If you run into this situation (either with your account, or any personal account), do not approve unknown requests and change your password immediately.

To make sure your account is as secure as possible, please visit to make sure MFA works on your account and has up-to-date information. It is worth noting that Kent State’s version of MFA is risk- based, meaning that you will only receive an MFA request if an application requires a check every time OR if there is something unique about your login (e.g., unknown location / unknown device).


Recognizing and Reporting Phish

Cybercriminals like to go phishing, but YOU do not have to take the bait! Phishing is when criminals use fake emails, social media posts, phone calls or direct/text messages to lure you to click on a bad link or download some malicious attachment. No need to fear your inbox though! It is easy to avoid a scam email, but ONLY once you know what to look for! A little knowledge goes a long way, and with it you can outsmart the phishers every day.

How to spot phishing emails

See it so you do not click on it. 

The signs can be a bit subtle at times, so the first thing is to slow down, take a few seconds and look over the email and think if it looks legit. Here are some tips on how to spot a phish email and not take the bait! 

Think about what you see: 

  • Does it contain an offer that is too good to be true?
  • Does it have language that is urgent, alarming, or threatening in any way?
  • Is the greeting generic or just plain odd?
  • Does it include requests to send personal information or log in with your credentials on a provided link, or asking payment information?
  • Does it stress an urgent action to click on unfamiliar hyperlinks or attachments?
  • Look closely at the sender’s email address, does it match the company it’s coming from, or should come from?
  • Look for emails with bad grammar and misspellings like or for examples
  • Is it requesting you to log in with your credentials on a link, asking for payment information or sensitive data?

OK you think you see a phish email now what do you do?

If the email came to your Kent University email address, report it to to be analyzed. It is best to report it quickly and if it is a phish, it will be destroyed along with any others like it. So, recognizing and reporting phish not only helps you be safe, but you help others before they possibly take the bait, because they are not yet able to spot a phish.

If the email went to your personal email address, do not do what the email says if you think it might be phishing. Do not click on any links, or don’t even unsubscribe by clicking that unsubscribe link, and do not reply to the email.


You can take your protection a step further and block the sending address from your email program. 


Updating Your Devices

In the final week of Cyber Security Awareness Month, the spotlight is on a fundamental yet often overlooked aspect of digital security - keeping your devices and applications up to date. This critical practice is the cornerstone of safeguarding your online presence and data.

How to keep your devices up to date
  • Keep up with patching: Regularly update the operating systems, software, and applications on all of your devices (computers, tablets, and phones). Software developers release patches and updates to address known vulnerabilities. Ignoring these updates can leave your devices exposed to potential cyber threats.
  • Make it easier with automatic updates: Enable automatic updates whenever possible. This ensures that you receive the latest security fixes without having to intervene manually.
  • Device Firmware: Don't forget about your routers, IoT devices like home security cameras and digital assistants.
  • Backup Your Data: Before performing updates, back up your data to prevent any potential data loss during the process.
  • Stay Informed: Keep an eye on security news and advisories. Sometimes, updates are released in response to active threats, so it's essential to stay informed.

These proactive measures can prevent significant security breaches and protect your data and identity. Stay updated and secure, and let's make the digital world a safer place during Cyber Security Awareness Month.

We look forward to sharing more information and tips over the next few weeks to help ensure that you stay safe when using technology.

Check back next week for more cybersecurity tips!

Earn Your Cybersecurity Certficate!

Did you know? We have an online Cybersecurity Overview training that you can complete and earn a certificate. It’s self-paced, and only takes 15 minutes. Kick off Cybersecurity Awareness Month with a bang by earning your certificate!

Register and complete the training

#BeCyberSmart #CyberSecurity

Cybersecurity Awareness Month logo

Cybersecurity Awareness Month is co-led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA). For more information about ways to keep you and your family safe online visit and