May 4, 2008

Choosing Passwords

Tips for choosing Passwords that can be easily remembered, but are secure

This document outlines some basic requirements that users should consider when choosing passwords. It then provides tips for selecting strong passwords that fit these requirements and can still be remembered.

Requirements

  • Minimum Length – 8 characters
  • Maximum length – 14 characters
  • Passwords should use three of the following four types of characters:
    1. Lowercase
    2. Uppercase
    3. Numbers
    4. Special characters such as !@#$%^&*(){}[]

Remember that passwords are case sensitive while the user name or login name is not.

How to use your password

Your network password is the password that you normally use when you log into your computer every morning. Most businesses use a Windows domain, and your network password is used to control your access to everything you use on the network. This includes your email, files, and databases. Would you want someone else to have access to all your files without your permission? You must have a strong and well-protected password to prevent this.

  • Do not write your password down.
  • Do not transmit your network password across the internet without it being encrypted.
  • Do not use the same password on your computer at work that you may use to log on to a web site.
  • Do not use the same passwords for all accounts such as additional email accounts or other logins you may have on the internet. You may categorize the security level of accounts and choose account names and passwords with this consideration in mind. The next item addresses this in more detail.
  • Be aware of when a password is sent securely across the internet to protect yourself. Sites that begin with “https://” rather than “http://” are secure for use of your password (this means it is encrypted and cannot easily be read by other people). If the site you are entering your password on does not start with "https://", then the password is not sent securely and you should not use this password on any accounts that you care about. In any case, do not use your network password on the internet except to connect remotely to your work network as authorized by your IT (Information Technology) department.

Creating Passwords

  1. Embed a word or part of a word within another.
  2. Mispel a word deleberitely especially if you use a word for part of your password.
  3. Interleave two or more words.
  4. Use a phrase that is personal to you and use the first, second, or third character of each word in the phrase. The phrase can be a question and answer phrase. There can be several variants to this approach:
    • Use a phrase that has a number at the end of it.
    • The question part of the phrase uses the first, second, or third character in each word; the answer part of the phrase uses a numeric representation of the first, second, or third character in the word to build the password.
    • After building the password, intermix the numbers and characters in a way that you can remember.
    • Put the answer part of the phrase before the question.
    • Sometimes use capital letters, and sometimes use lower case letters. Use unusual capitalization in your phrase.
    • Use a numerical representation of the letters of the alphabet for part of your phrase or one word in your phrase. For example A is 1, B is 2, C is 3, etc.
    • Use punctuation or special characters in part of your phrase.

Examples

In these examples, I threw in punctuation, usually at the end, but it could be applied at the beginning or, in the case of passwords built with question/answer phrases, punctuation would work well in the middle.

  1. Using a phrase with a number at the end of it. Example:
    • My Favorite number is 333. Password: “MFNI333.” or “yaus333.” depending on whether the first or second character is used.
  2. Using a phrase with a question and answer and numerical representation of the first letters of the answer. Example:
    • My favorite song is “Dust in the Wind”. Password: “MFSI492023!”
  3. Using a phrase with a question and answer and numerical representation of all the letters in the answer. Examples:
    • The name of my favorite grandchild is Tim. Password: “tnomfgi#20913”.
    • The name of my favorite aunt is Lois. Password: “Tnomfai1215919”.
    • My aunt's name is Lois. Password: “%mani1215919”.
  4. Using a phrase with a numerical representation of one word in the phrase. Example:
    • Give me liberty or give me death. Password: “GML^1516gmd”.
  5. Using a phrase with some punctuation or special characters. Example:
    • My aunt's name is Lois. Password: “m@n!1215919”.
    • The name of my favorite grandchild is Tim. Password: “tn0mfg!20913”.

In many of the above examples, it is easy to throw in punctuation such as a ? when part of your phrase may be a question. If your phrase involves numbers or you work with numbers regularly, $, %, and # may be easy to use in your password and still remember. If your phrase uses the word "and" or "or", you can substitute "&" or "|". Also you can split your password with "/" or "\".

Also remember to use upper and lower case letters in different parts of your password in ways that are easy for you to recall.
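
The requirements and the phrase-based construction above, as an added Python example that is not part of the original post: it rebuilds two of the example passwords from their phrases and checks every example password against the length and character-type rules. The function names, and the choice to count any ASCII punctuation as a special character, are assumptions made here.

```python
import string

MIN_LEN, MAX_LEN = 8, 14  # length limits from the Requirements section

def char_classes(pw):
    """Return which of the four character types appear in pw."""
    found = set()
    for ch in pw:
        if ch in string.ascii_lowercase:
            found.add("lower")
        elif ch in string.ascii_uppercase:
            found.add("upper")
        elif ch in string.digits:
            found.add("digit")
        elif ch in string.punctuation:  # assumption: any ASCII punctuation counts
            found.add("special")
    return found

def meets_requirements(pw):
    """8 to 14 characters and at least three of the four character types."""
    return MIN_LEN <= len(pw) <= MAX_LEN and len(char_classes(pw)) >= 3

def letters_at(phrase, position=0):
    """Take the character at `position` (0 = first) from each word."""
    words = (w.strip(string.punctuation) for w in phrase.split())
    return "".join(w[position] for w in words if len(w) > position)

def letters_to_numbers(text):
    """A is 1, B is 2, C is 3, ...; anything that is not a letter is dropped."""
    return "".join(str(ord(c) - ord("a") + 1)
                   for c in text.lower() if c in string.ascii_lowercase)

def build(question, answer, spell_answer=False, upper=False, suffix=""):
    """Question initials + numeric form of the answer + optional punctuation."""
    head = letters_at(question)
    head = head.upper() if upper else head
    tail = answer if spell_answer else letters_at(answer)
    return head + letters_to_numbers(tail) + suffix

# Passwords copied from the Examples section, checked against the requirements.
PAGE_EXAMPLES = ["MFNI333.", "yaus333.", "MFSI492023!", "tnomfgi#20913",
                 "Tnomfai1215919", "%mani1215919", "GML^1516gmd",
                 "m@n!1215919", "tn0mfg!20913"]

def failing(passwords):
    """Return the passwords that do not meet the requirements."""
    return [pw for pw in passwords if not meets_requirements(pw)]

if __name__ == "__main__":
    print(build("My favorite song is", "Dust in the Wind", upper=True, suffix="!"))
    print(build("The name of my favorite aunt is", "Lois", spell_answer=True))
    print(failing(PAGE_EXAMPLES + ["password", "Tnomfai12159190"]))
```

The last call adds two constructed inputs, one with a single character type and one that is 15 characters long, to show what the check rejects.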
