Password Security

The University's Acceptable Use Policy requires that we keep our passwords to ourselves. While it's good to keep a password secret, most of us need to remember 2 or 4 or even more passwords for our variety of accounts. If you're like many of us, you can't remember what you had for breakfast, let alone the password you just had to change for that account you almost never use.

We have a few ideas that might help you with this. But let's cover some basic password rules first.

Password Don'ts

  • Don't share your password with anyone.
  • Don't use a common word like a name, a pet's name, or a common word out of the dictionary.
  • Don't use a number, like your birthdate.
  • Don't leave your password in a place where someone can find it.

Good Things to Do

  • Longer (12 or more characters) is generally better.
  • $peci@l Ch@r@ct3rs are G00d!
  • Use different passwords for different accounts (yes, this is difficult)
  • Change your password if you think there's a possibility that it has been compromised. Don't delay!

Okay, now that we've got the rules out of the way, here are a couple of simple solutions that might help you with passwords.

Option 1: Use a Passphrase

One way to get a nice long password is to use a passphrase. It can be a sentence that is easy to remember but pretty long. For example:
My dog has green spots is 22 characters long (including spaces), which is fairly difficult for a password cracking program to decode.

You can make your passphrase even stronger by throwing in a couple of special characters and at least one misspelling. For example:
mY daUg H@S green splots!

This passphrase is easy to remember, and is very strong. Nobody said that coming up with a new password couldn't be fun. But do not use your favorite quote or a line from a book. The black-hat types are getting smarter, and many use a dictionary of favorite lines from movies or book quotes to crack passphrases. It's better for you to use unique or nonsense phrases.

Option 2: Use a Random Password Generator

Use a random password generator to come up with a nice complex password of decent length (we recommend at least 12 characters). A good password generator can be found at http://www.pctools.com/guides/password/.

You'll end up with a nice long string of characters that is very hard to remember, so you have to write it down. This isn’t necessarily bad, but store it in a safe place (like your wallet or purse) and don’t write down anything else on it to identify what account it goes with. Do not keep it on or in your desk. Remember to make one password for each account.

Tough? Yes, but after a couple of days you get used to the new password, and typing it will not require thought.

We hope these techniques help. If you have any additional suggestions for making a strong passphrase or password, please contact your Community Network support team and we’ll be happy to pass those along.