As you probably know, secure password practices are extremely important - even more so with the popularity of cloud-based solutions. Vail Resorts’ InfoSec team has become aware of some not-so-great practices around passwords and account use, so we ask you to please adhere to the following:
- If you have a Company email, don't use it to sign into personal accounts. For example, Poshmark, which experienced a credentials breach in 2018. Vail Resorts accounts were involved.
- If you have a Company email, don’t use your personal account to conduct Vail Resorts business. This can pose a risk for many reasons. For example, you could be accidentally exposing confidential information to the possibility of being intercepted.
- Don’t leave login details around your computer, for instance, on a Post-It note.
- Don’t store passwords in an unencrypted Excel, Word or other type of document.
- Don’t let your browser store your login creds. This is a convenient but risky behavior because if an attacker were to gain access to this list, they would know all your passwords. Some browsers will show your stored passwords without authenticating a password.
We appreciate your help in keeping the Company secure. Please reach out to firstname.lastname@example.org with any questions.