Home » Services and Admin » ICT Service » Computing Accounts » Password Guidelines

Password Guidelines

Strong passwords are vital for protecting against unauthorized access to resources and networks. At the Institute we have implemented a Strong Password Policy to ensure that all users create a strong password. These passwords should be easy for you to remember and difficult for others to get with password-cracking software.

 

Note that passwords must be 8-16 characters long and may contain only the following characters:

A-Z, a-z, 0-9, ! % - _ + = [ ] { } : , . ? < > ( ) ; 

When creating your own password, do not use any of the example passwords given here. Always create your own unique passwords.

 

Use More Than One Word (without spaces)

Instead of using the name of someone you know, such as 'Fred', choose something about that person no one else knows, e.g. 'FredsBike' or 'FredBike'.

 

Use Symbols Instead of Characters

Don't put the symbols and numbers at the end of a word, e.g. 'Fred1234'. This is easy to break. The word 'Fred' is in many dictionaries that include common names; once the name is discovered, the attacker only has four easy characters to guess.

Replace one or more letters in the word with symbols that are easy to recall, e.g. substitute "!" for 'l', a zero or pair of parentheses '()' for 'O', or a '3' for 'E'. This way, 'Edd!3sB3ar' would be recognizable to you but difficult to guess or break.

Look at the symbols on your keyboard and think of the first character that comes to mind and which you will remember. Use some of these symbols as substitutions for your passwords from now on.

 

Use Phonetics

Password-cracking programmes search for words embedded in passwords. Spell words incorrectly, or use funny phonetics that you can remember, e.g. 'Run for the hills' could become 'R0n4dHiLLs!'.

 

Use First Letters of a Phrase

Begin with a properly capitalized and punctuated sentence, or the first words of a song, etc., that you know well, e.g. 'My best friend Carla does kickboxing!'.

Take the first letter of each word in the sentence, keeping the capitalization used in the sentence to get 'MbfCdkb!'.

Substitute non-alphanumeric characters for some of the letters. The example password could become 'M6fCdk6!'. Just remember your sentence.

 

Choose Events or People That Are on Your Mind

Choose a personal/public event, or a person you admire. You won't forget a password that is funny or personal.

Make it unique to you, e.g. a phrase of two or more words, and slip in your symbols, e.g. Bi!!Pr0m0ti0n.

 

Don't:

  • Use personal info - derivatives of your user ID, names of family members, licence tags, telephone numbers, pets, birthdays, social security numbers, addresses, hobbies
  • Use any word in any language spelled forward or backward.
  • Tie passwords to the month, e.g. don't use 'Mayday' in May
  • Create new passwords that are similar to ones you've previously used

Page last updated on 20 August 2017