Body
A secure password is important for protecting your account and the university's data.
Using Passphrases
When coming up with a secure and memorable password, IT Services recommends passphrases.
A passphrase is similar to a password in practice; however, it is usually constructed of multiple words containing a mixture of case sensitive letters, numbers, and special characters (for example, “1 Sm@ll Step 4 M@n.”. Please do not use this example as your passphrase.)
Longer passphrases are harder to crack, so consider using passwords with 12 or more characters. If you don't have your own method of creating a memorable passphrase, you might want to try one of the following:
- Removing the vowels from a word or phrase (e.g., "Hello darkness my old friend" becomes "hlldrknssmldfrnd").
- Shifting your hands when typing (for example, using the motion that you'd use to type "wikiHow" with your hands shifted down one row on the keyboard).
- Doubling your passphrase (e.g., chooseing a word, typing a space or a separating character, and retyping the word).
It is unsafe to write down your passwords or save them in documents on your computer.
Pick a compound word or phrase that stands out to you.
You most likely have several words, a phrase, a title (e.g., an album or a song), or something similar that stands out to you for some reason; such words/phrases make great password bases because they're emotionally relevant to you, but not anyone else.
- You could pick the name of your favorite song from a specific album or your favorite phrase from a specific book.
- Find several random words and string them together without modifying them past that point (e.g., "bananacoffeespoonphonecomfortercat").
- Make sure that you don't pick a word or phrase that people know you like.
A tool to evaluate how different techniques can be used to create secure passwords is http://password-checker.online-domain-tools.com/.
What to avoid in a password
Before figuring out what you want to put in your passphrase, here are a few things that you should not put in your passphrase:
- Pet, family, or friend names
- Words as they appear in the dictionary
- Personal information (e.g., your phone number)
- Public information (e.g., something having to do with your commonly known extracurricular activities)
- Acronyms
Using a Password Manager
With a safe password manager tool, you only have to remember one master password.
You should never write down your password, and each account needs a unique password. Safe password manager tools are helpful so you never lose your login information.
IT Services recommends using a reputable password manager tool such as 1Password or Bitwarden to save and manage passwords for all your online accounts. Make sure your master password is at least 15 characters long, which will make it more secure and difficult to hack.
Password managers help secure your accounts because they:
- Generate strong, random passwords and save them in an encrypted vault protected by a master password.
- Validate the website you are visiting and allow you to automatically enter your login information if it is safe.
- Never enter your login information on sites that aren’t legitimate.
- Create a unique password for each site and ensure you do not use duplicate passwords.
Whenever possible, use multi-factor authentication on accounts for an additional layer of security.