Information Technology A to Z Index

Password Security

Guidelines for Choosing a Password

  • Use at least 8 characters, the more the better.
  • Start with a letter
  • Include at least one number
  • Use upper- and lower-case letters
  • (For EKU passwords) you can not use special characters such as #, $, %, etc.  (But you do for the new ProCard website!)
  • Don't write down your passwords.  If you MUST, keep them locked up in your desk or in a safe.
  • Select a unique password for each account
  • Make your password easy to remember but difficult to guess--don't use words--like 'teddybear123'
  • Use a password manager like LastPass (my personal favorite)
  • Try a passphrase instead

Strategies for Choosing a Good Password (Passphrases)

  • Line from a favorite song (Example: Pink Floyd's 'Comfortably Numb')
    Line from song: A distant ship smoke on the horizon, You are only coming through in waves
    Password: Ad5sothUr0ctiw
    Substitue 5 for an S and a 0 for o with lower and upper-case
  • Line from a favorite poem (Example: Emily Dickinson's 'Success Is Counted Sweetest')
    Line from poem: Not one of all the purple Host, Who took the Flag today
    Password: N1oatpHwttF2d
    Substitue 1 for one and 2d for today

Avoiding Bad Passwords

  • Dictionary words (e.g., dandelion)
  • Foreign words (e.g., octobre)
  • Simple transformations of words (e.g., tiny8)
  • Names, doubled names, first name and last initials (e.g., kittykitty)
  • Uppercase or lowercase words (e.g., MAGAZINE)
  • An alphabet, keyboard or number sequence (e.g., qwertyy, 123456)
  • Very short words or just one character (e.g., hi)
  • Words that have the vowels removed (e.g., sbtrctn)
  • Phone numbers, birthdays or any other special numbers
  • Numbers substitutes for letters (e.g., 0 for O)
  • Any position of your username or account information
  • Any default passwords 
  • Don't use online password generators either because hackers have access to those too!

 

Inside Look