| |
|
|
 PASSWORDS
This page deals with preventing a password and how to create
standard passwords.
Key points for
password security
 |
New passwords must be
different than the previous password. |
|
|
Passwords never should be
stored on your computer or written down and stored in
plain sight.
If a password must be written down, it should be
locked up and stored in a place that is difficult
for others to access. |
|
|
Passwords may be used only
by the authorized user. Do not share your password with
anyone. |
|
|
If you suspect your
password has been compromised, it should be changed
immediately. |
Why change every
30 days
Passwords can be guessed or deciphered by hackers on the
internet. By changing your password, you help to ensure that your
account will remain safe and your email and files will remain
private.
For security reasons, we require that you change the password for
your campus account every 30 days. If someone should discover your
password they can access your private computer account. This is bad
enough, but even worse is the fact that you and you alone are
responsible for any activity that originates from your Computing
ID/account. Therefore, never write down your password on paper, and
never tell anyone else your password.
Students, as well as everyone who has a computer at home, should
also change their passwords every so often (30 to 90 days) for the
same reasons.
|
|
Security issues - A
different password scheme should be chosen every time
you change them to avoid someone who may know a previous
one from guessing your new one. |
|
|
Reusing passwords
- Reusing passwords can be quite dangerous. This is
because of the fact that if someone gets a password for
one of your accounts then they will have the password
for multiple accounts of yours.
Due to this, the first practice is enforced on campus
for all faculty and staff members. Everyone should,
however, follow both practices below with every account
they have.
-
Passwords cannot be reused more than once per 8
months.
-
You should have different passwords for
different accounts.
|
Good passwords,
Bad passwords
|
|
Good passwords -
Combinations of letters (upper and lower case), numbers,
and special characters.
the longer the better. |
|
|
Average strength
passwords - Combinations of letters (upper and/or
lower case), and numbers. |
|
|
Bad passwords -
Dictionary words, words or phrases that contain any
personal information, dates,
alphabet or numeric sequences (like abcdefgh or
12345678) or any of the above mentioned items in
reverse. |
|
|
Check your password
strength - You can check your password strength by
clicking here.
|
Points to avoid
while creating a password
|
|
Do not use your user name,
first name, or last name. |
|
|
Passwords that use patterns
on the keyboard (i.e., QWERTY) are not secure. |
|
|
Words spelled backwards
don't make secure passwords. |
|
|
Substituting 1's and 0's
for l's and o's is not enough to make a good password. |
|
|
Do not simply use a word
followed or preceded by a number as a password. |
|
|
Do not use dictionary, or
dictionary-based words as passwords. |
|
|
Never use a password that
has been cited as an example of how to pick a good
password |
Tips for
remembering a password
|
|
Mnemonics -
Remembering a randomized, assigned difficult password,
like "tthertd" can be simple
and fun by using a mnemonic. Think of a sentence
where there is one word beginning with each
letter of the password, for example, "tthertd" could
be "terrible tigers have every right to drive."
|
|
|
Develop an Algorithm
- Take the name of the website and then add the last
four digits of a friend's
home phone number to the end.
The password for wikiHow might be "wikihow4588".
Maybe
you would spell wikihow backwards. The more steps in your
algorithm, and the more
unpredictable each step is, the
more secure your password. |
|
|
Combine the best of you
- Choose a favorite number (or two), a favorite word (or
two), a
favorite symbol (or two), and the first one or
two symbols that come to mind when you see the
website
address or the most prominent words on the sign-in page.
Choose an order and put
them all together into one long
string
|
|
|
Remove the vowels - Take
a word or phrase and remove the vowels from it.
(e.g.
"eat the cheeseburger" becomes "tthchsbrgr").
|
|
|
Combine small words
- A smart way to develop a secure, easy to remember
password is to
combine three small words to a password.
E.g. you can use "howstopyes" or "earpengold".
If you
want an even easier to remember password you can use words
that are related to each
other like "yesnomaybe". This
is less secure! Additional tip: make the first letters of
the different
words capital: "ballzonecart" becomes
"BallZoneCart".
|
|
|
Connect the first letters
- Develop a password using the first letters of a sentence
or phrase
that means something to you - like your
national anthem or a slogan you have seen some where.
'Don't shop for it, Argos it' would become DsfiAi.
|
|
|
Mix words - Choose two
words and combine their letters to create the password,
choosing one
letter of the first word and one letter of
the second word, and repeating this until you get to the
last
letter of each word. An example could be:
Words:
house & plane
Password: hpoluasnee
|
|
|
Use year & month & letters
of your choice - Use the current year and first three
letters of the
current month and then three letters from,
say, your name. In this case, your password would read
2006aprJoe. Next month, change it to 2006mayJoe. It's
impossible to have the same password twice
or to forget
it.
|
|
|
Turn letters into numbers
- Think of a phrase, or name that your password will be.
Type that
name using numbers (located on the telephone #
pad) |
|
