Information Technology A to Z Index

Password Security

Guidelines for Choosing a Password

  • Use at least 10 characters, the more the better.
  • Start with a letter
  • Include at least one number
  • Use upper- and lower-case letters AND one special character such as #, $, %  etc
  • Don't write down your passwords.  If you MUST, keep them locked up in your desk or in a safe.
  • Select a unique password for each account
  • Make your password easy to remember but difficult to guess--don't use words--like 'teddybear123'
  • Use a password manager like LastPass (my personal favorite)
  • Try a passphrase instead
  • Once you have reset your password, you will need to wait 24 hours before you can reset it again.  If you need to reset your password within 24 hours of resetting via self-service, then you will need to contact the IT Service Desk for assistance at 859-622-3000

Strategies for Choosing a Good Password (Passphrases)

  • Line from a favorite song (Example: Pink Floyd's 'Comfortably Numb')
    Line from song: A distant ship smoke on the horizon, You are only coming through in waves
    Password: Ad5sothUr0ctiw
    Substitue 5 for an S and a 0 for o with lower and upper-case
  • Line from a favorite poem (Example: Emily Dickinson's 'Success Is Counted Sweetest')
    Line from poem: Not one of all the purple Host, Who took the Flag today
    Password: N1oatpHwttF2d
    Substitue 1 for one and 2d for today

Avoiding Bad Passwords

  • Dictionary words (e.g., dandelion)
  • Foreign words (e.g., octobre)
  • Simple transformations of words (e.g., tiny8)
  • Names, doubled names, first name and last initials (e.g., kittykitty)
  • Uppercase or lowercase words (e.g., MAGAZINE)
  • An alphabet, keyboard or number sequence (e.g., qwertyy, 123456)
  • Very short words or just one character (e.g., hi)
  • Words that have the vowels removed (e.g., sbtrctn)
  • Phone numbers, birthdays or any other special numbers
  • Numbers substitutes for letters (e.g., 0 for O)
  • Any position of your username or account information
  • Any default passwords 
  • Don't use online password generators either because hackers have access to those too!