Password Guidelines
Each password must be at least 8 characters and must contain at least two alphabetic characters and at least one numeric or special character.
New passwords must differ from the old by at least three characters. For comparison purposes, an upper case letter and its corresponding lower case letter are equivalent.
Use the following conventions when setting your password:
- Each password must differ from your login name and any combination of the name
- Each password must differ from your last, first, middle names and any combination of these names
- Each password must not contain a dictionary word or any combination of this word
- Each password must not contain the use of acronyms
For example, NEVER use passwords such as the following:
|
Gillian
|
Girlfriend's name in a dictionary |
| Naillig |
Girlfriend's name backwards |
| PORSCHE911 |
Word in the dictionary |
| 12345678 |
Word in a dictionary and people can watch you type it easily |
| abcxyz |
Word in a dictionary and people can watch you type it easily |
| 0oooooo |
Word in a dictionary and people can watch you type it easily |
| wombat6 |
Appending random characters to a word |
| merci3 |
Words in foreign language dictionaries |
| mr.spock |
Word in a sci-fi dictionary |
These examples emphasize that ANY password derived from personal information or from a dictionary constitutes a potential security risk.
Suggestion: Take a sentence or a phrase and use the first letter of each word, replacing at least one character with a number.
For more information on Choosing and Protecting Your Passwords, go to the US-CERT web site. |
