Next | Prev | Up | Top | Contents | Index
Choosing Passwords
A system is most secure if nobody can access the system without an account and password, and if all the passwords on the system are difficult to guess and obtain. Surprisingly, many users choose passwords that are easy for potential intruders to guess, or write their passwords down on paper and leave them near their workstations and terminals.
Also, many site administrators use the same password for multiple administrative accounts. This is not a good practice. Do not deliberately use the same password for more than one account.
More secure passwords are:
- long (the first eight characters are recognized)
- multiple words that are combined or arranged in an unusual manner
- words from multiple languages, combined in a unique way
- composed of different kinds of characters, such as digits and punctuation
- have all of these bulleted features
Easily guessed passwords are:
- short
- single words that are in a dictionary
- the same as the account name, or the account name spelled backward
- the name of the user's department or project
- the user's name or initials
- the license number of the user's car, a spouse or friend's name, the user's home address, phone number, age, or other obvious information
- obvious--for example, "top secret," "secret," "private," "password," "friend," "key," "god," "me," and so on
Next | Prev | Up | Top | Contents | Index