Strong passwords are vital for protecting against unauthorized access to resources and networks. At the Institute we have implemented a Strong Password Policy to ensure that all users create a strong password.
Before choosing or changing your own password, please take good note of the requirements and constraints set by the Institute.
The password should be easy for you to remember and difficult for others to get with password-cracking software.
As a final note, when creating your own password, do not use any of the example passwords given here. Always create your own unique passwords!
Use More Than One Word (without spaces)
Instead of using the name of someone you know, such as 'Fred', choose something about that person no one else knows, e.g. 'FredsBike' or 'FredBike'.
Use Symbols Instead of Characters
Don't put the symbols and numbers at the end of a word, e.g. 'Fred1234'. This is easy to break. The word 'Fred' is in many dictionaries that include common names; once the name is discovered, the attacker only has four easy characters to guess.
Replace one or more letters in the word with symbols that are easy to recall, e.g. substitute "!" for 'l', a zero or pair of parentheses '()' for 'O', or a '3' for 'E'. This way, 'Edd!3sB3ar' would be recognizable to you but difficult to guess or break.
Look at the symbols on your keyboard and think of the first character that comes to mind and which you will remember. Use some of these symbols as substitutions for your passwords from now on.
Password-cracking programmes search for words embedded in passwords. Spell words incorrectly, or use funny phonetics that you can remember, e.g. 'Run for the hills' could become 'R0n4dHiLLs!'.
Use First Letters of a Phrase
Begin with a properly capitalized and punctuated sentence, or the first words of a song, etc., that you know well, e.g. 'My best friend Carla does kickboxing!'.
Take the first letter of each word in the sentence, keeping the capitalization used in the sentence to get 'MbfCdkb!'.
Substitute non-alphanumeric characters for some of the letters. The example password could become 'M6fCdk6!'. Just remember your sentence.
Choose Events or People That Are on Your Mind
Choose a personal/public event, or a person you admire. You won't forget a password that is funny or personal.
Make it unique to you, e.g. a phrase of two or more words, and slip in your symbols, e.g. Bi!!Pr0m0ti0n.
- Use personal info - derivatives of your user ID, names of family members, licence tags, telephone numbers, pets, birthdays, social security numbers, addresses, hobbies
- Use any word in any language spelled forward or backward.
- Tie passwords to the month, e.g. don't use 'Mayday' in May
- Create new passwords that are similar to ones you've previously used
A Word of Caution
You may be tempted to write down your password and stick it to your desk, computer monitor, or some other easily accessible location. However, the moment you do so you are exposing your computer and our entire internal network to serious risk, as an intruder could walk up to your computer and log on using your credentials. Therefore, never write down your passwords. Instead, create passwords that are easy to remember.