Using strong passwords is a key component of computer security. Passwords are the keys that provide access to information stored on our computers and online accounts, and are often the only barrier between that information and would-be thieves.

One strategy for creating a strong password that is easy to remember is to think up a sentence or phrase, and base your password on that. The phrase could be a line from a song or book, a quote, or anything that’s easy to remember. Make it long – at least eight words. For example:

     From the hills of Maine to the western plain

Take the first letter of each word to form your password:

     fthomttwp

You can make the password even more secure by using a whole word or two from your phrase, mixing upper and lowercase letters, and substituting or adding letters and symbols. In our example, we could capitalize the M in Maine, use the number 2 in place of the word “to”, use “the” instead of just t, and replace the h with a hash mark #, to get:

     ft#oM2thewp

Such a password is many times more difficult to guess or crack than a short word, but is still easy to remember.

Below are some additional tips for creating good passwords.

Do:

  • Use long passwords. Passwords should be at least 8 characters long. Each additional character increases the strength of the password many times.
  • Use letters, numbers, and symbols to form your password.
  • Use different passwords for different systems. That way, if one is compromised, the other systems are still secure.
  • Change your passwords regularly, especially if you think someone may know your password.
  • If you must write down your passwords, keep the list in your wallet or purse, not next to your computer.

Don’t:

  • Use personal information that can be easily determined or guessed (your name or username, birthday or anniversary, family members’ names, pets, phone number, street address, etc.).
  • Use words in the dictionary, of any language.
  • Use sequences (12345, qwerty) or repeated characters (22222).
  • Share your password with other people. If you need to share files or information on your computer, contact the Help Desk and we can provide ways that both accounts can share the information.
  • Give out passwords over the phone, email, or web form. IT Services and the online companies you work with will never call or email you and ask for your password. If you get such a request and you think it is legitimate, call the Help Desk or the company yourself for confirmation.
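
The checkable rules from the Do and Don’t lists above can be applied automatically to a candidate password. The following Python code is an added example, not part of the original page; the function names, the small word list, the sample personal data, and the four-character thresholds for sequences and repeats are assumptions made for illustration.

```python
import re

MIN_LENGTH = 8  # minimum length given in the "Do" list
# Constructed sample word list; a real check would load full dictionaries.
DICTIONARY = {"password", "welcome", "sunshine", "dragon", "maine"}
# Keyboard rows, the alphabet and digits, used to spot runs like qwerty or 12345.
KEY_RUNS = ["qwertyuiop", "asdfghjkl", "zxcvbnm",
            "abcdefghijklmnopqrstuvwxyz", "01234567890"]


def has_sequence(pw, run=4):
    """True if pw contains `run` consecutive characters of a known run,
    forwards or backwards (run=4 is an assumed threshold)."""
    low = pw.lower()
    for seq in KEY_RUNS:
        for s in (seq, seq[::-1]):
            for i in range(len(s) - run + 1):
                if s[i:i + run] in low:
                    return True
    return False


def check_password(pw, personal=()):
    """Return the rules from the Do/Don't lists that pw violates."""
    problems = []
    low = pw.lower()
    if len(pw) < MIN_LENGTH:
        problems.append("too short")
    if not (re.search(r"[A-Za-z]", pw) and re.search(r"\d", pw)
            and re.search(r"[^A-Za-z0-9]", pw)):
        problems.append("needs letters, numbers and symbols")
    # Personal items (username, pet name, ...) are supplied by the caller.
    if any(p and p.lower() in low for p in personal):
        problems.append("contains personal information")
    # Strip digits and symbols so "Password1!" is still caught as a word.
    if re.sub(r"[^a-z]", "", low) in DICTIONARY:
        problems.append("dictionary word")
    if has_sequence(pw):
        problems.append("contains a sequence")
    if re.search(r"(.)\1{3,}", pw):  # same character 4+ times in a row
        problems.append("repeated characters")
    return problems


if __name__ == "__main__":
    for candidate in ["ft#oM2thewp", "fthomttwp", "qwerty12345", "22222"]:
        print(candidate, "->", check_password(candidate, ["jsmith"]) or "ok")
```

Note that the plain first-letter password `fthomttwp` is flagged for lacking numbers and symbols, while the modified version `ft#oM2thewp` passes every check.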

You can find even more tips and suggestions at the following online sources:

    How to write better passwords – CSOnline
    Strong passwords: How to create and use them – Microsoft.com
    Choosing and Protecting Passwords – US CERT