Selecting Good Passwords

Easy-to-guess passwords offer hackers the possibility to enter a system. The object when choosing a password is to make it as difficult as possible for anyone to make educated guesses about what you've chosen as a password. This leaves them no alternative but a brute force search, trying every possible combination of letters, numbers, and punctuation. A search of this sort, even conducted on a machine that could try one million passwords per second, would require, on the average, over one hundred years to complete.

Never share your password with another user or make your password known to anyone else. Change your password often; we suggest that you change your password every two months.

Examples of passwords that can easily be broken are:

passwords that are made up of a word or name in English or any other language
transferring letters or numbers for similar ones (e.g., zeros for o's)
words with a number added to the beginning or end
your login name in any form (as-is, reversed, capitalized, doubled, etc.)
your spouse's or child's name
any other information easily obtained about you. This includes license plate numbers, telephone numbers, social security numbers, the brand of your automobile, the name of the street you live on, etc.
a password of all digits, or all the same letter. This significantly decreases the search time for password cracking software.

Good passwords should be at least 8 characters and consist of both lower and upper case letters, numbers, and symbols. A good way to select a password is to choose a line or two from a song or poem, and use the first letter of each word.

Choosing a Good Password