From the KnowledgeBase

Title:
Passwords: Choose a password or passphrase that is safe and easy to remember
Synopsis:
Protect your identity and University data by using strong passwords or passphrases.


Solution:

Are you having trouble coming up with a strong and secure password or passphrase? Use these suggestions below.  


First, make a decision. Your can choose either

  • a passphrase (password phrase or sentence)
OR
  • a complex combination of characters


What is the difference? What are the rules?


Common sense tips and suggestions for ALL types of passwords and passphrases
  • Don't ever leave a password blank or keep its default value intact.
  • Don't use the same password to secure your University account as you use (or have used) for other sites, e.g., online shopping, Facebook.
  • Don't reuse passwords.
  • Don't use something that is public knowledge or has been shared on social media, such as Facebook or Twitter.
  • Don't use any sample passphrases or complex passwords shared as tips (such as those below).
  • Be creative. The best passphrases and passwords are ones that have never been used before.


Passphrase tips and suggestions

  • Consider a passphrase of several (5 or more) random words strung together, e.g. strainer walking trusty comic giraffe
  • Make up a sentence that is relevant to you but is stated in such a way that it is not easily guessable, e.g., jazz is a passion, pizza too
  • Remember that incorrect grammar and misspellings are passphrase strengtheners

Don't use quotations, popular song lyrics or well-known lines from books, movies, plays, TV shows, etc. exactly as published. Individuals attempting to crack your password will try them. You can base your passphrase on one of these, but vary the text in a unique way, e.g., “not all those who wander are lost” (J.R.R Tolkein) could be modernized to “not all those who wander lost their GPS”.



Complex password tips and suggestions

  • Base your password on things relevant to you, but not easily discoverable.
  • Consider using incomplete words, uncommonly misspelled words or number or letter substitutions.
  • Create a password that is unique to your University account.

Base your complex password on your own interests (your reading, travel, gardening, sports...) -- that will make it easier to create, and easier to remember.

Use an acronym, and obscure it with creative representations of each word:
-- Idwgu,IatRuk! (I don't wanna grow up, I'm a Toys R Us kid!)
-- PmIGt4y? (Please may I Google that for you?)

Take two words and a number, and separate them with a symbol between each pair.
-- shoe,3,Store (what's on your shopping list?)
-- 1/red-Tomato (what are you growing in your garden?)

Combine a word or initials about something of interest to you with a symbol and a number:
-- 1$weetWorld..# (for DMB fans)
-- NYG17>Pats14 (New York/New Jersey sports fans might get a smile from that)
-- Paris,April2013 (are you planning a special trip?)

Use a phrase or title, and obscure it with creative representations of each word:
-- 1Fish,deuxFish (for Dr. Seuss readers)
-- 7habitsOF+folks (for those who enjoy personal growth reading)

Don't use the specific passwords suggested above. Hackers often try to log in with passwords they find in presented material.

Don't use the kinds of passwords that are easy hacking targets, such as:

  • Common dictionary words
  • Sequential letters or numbers (e.g. 1234567890, abcdefghij, qwertyuiop)
  • Trivial passwords (e.g. password, passwd,mypassword,p@ssw0rd)
  • Easily discoverable personal data (e.g., netID, names, birthday, address, pets)

Related Links:

Last Updated:
September 2, 2014

Solution ID:
9928