Changes

Passwords provide important protection for your IMSMA data, but only if you use them properly;

# Consider using encryption on devices that store IMSMA data Encryption can prevent anyone accessing or manipulating IMSMA data. This can include on portable drives that contain your IMSMA NG backups. Newer versions of windows includes [https://docs.microsoft.com/en-gb/windows/security/information-protection/bitlocker/bitlocker-overview Bitlocker] and [https://docs.microsoft.com/en-gb/windows/security/information-protection/bitlocker/bitlocker-to-go-faq Bitlocker to Go] that can be used to encrypt and add password protection to your computers disks and any portable drives where you store your backups.

# Avoid Using Predictable Passwords, and change Default Passwords Passwords should be easy to remember, but difficult to guess. Combinations of random words can make good passwords that are easier to remember. Change any default passwords, especially the IMSMA database accounts, and do not use common passwords such as ‘password’ or ‘imsma’.

# Consider using a Password Manager Where you have a lot of passwords to remember, a password manager such as [https://keepass.info/ KeePass] can help. With these tools you store your passwords in an encrypted ‘vault’ and use one strong master password to access them. If someone obtains the password file they can’t access it without knowing your master password.

Phishing attacks are where hackers or scammers will send fake emails or use bad websites to try to collect sensitive information. They may trick you into logging in to a fake website with your real username and passwords, which they can then use to steal information or in the case of bank accounts, money. Phishing is more of a risk for common online accounts and websites rather than IMSMA NG, but you should still be aware of the risk, for example to protect your email account which you may use to share IMSMA data.