by coelomic

Password tips from Tufts University.

Creating Strong Passwords

Note: The following information is derived from the TCCS Training and Documentation's Local Area Network Password Creation Guidelines tip sheet. Click here to view the password tip sheet or here to view the extensive list of documentation and tip sheets available from the TCCS Training team.

  • Minimum password length is 8 characters (can contain more).
  • Password history is 24 – Your password should differ from the ones set previously.
  • Passwords must not match any portion of your user name (UTLN; ex: jsmith01)
  • Passwords must not match any portion of your full name.
  • Can not use the words password, change, temporary, or Tufts.
  • Cannot use 4 or more repeating characters – example: hhhh, 1111, AAAA, $$$
  • Passwords must contain the following:
  • At least 1 uppercase character
  • At least 1 lowercase character
  • At least 1 numeric digit
  • At least 1 special character – example : @, #, %, {, ?, +, etc.
  • In addition to these requirements, passwords should: Never be shared, written down, or e-mailed to others
  • Be easy to remember (for you, not others!) – The temptation to use loved ones names, birthdays and anniversaries is great. But "easy to remember" can also become "easy to guess." And, in a world where hackers use sophisticated software to crack passwords, an
    easy password is an open invitation. The challenge is to create something that is memorable for you but tough for others to decipher.
  • Be changed frequently – The Tufts domain requires a password change every 180 days.
  • Be altered when used for multiple applications – A common trick is to integrate the application description into a base password that does not change, such as 1!T%@p ("I love to look at paintings"). When used for database access, it might change to d1!T%@pB; used for ISP access, it might change to W1!T%@pb.

Technorati Tags: ,