Best Practices — Passwords

     ✔ DO

    • Use a password of 32 characters or more (minimum is 12 characters)
    • Include both upper-case and lower-case letters
    • Include one or more numerical digits
    • Include one or more special characters, such as !@#$%, etc. (embedded spaces are OK, but not at the beginning or end)
    • Use a password manager to generate and keep track of all your passwords, and to keep them secure.

    ✘ DON’T

    • Use words from your personal information or other easy-to-guess sources, e.g. calendar dates, telephone numbers, license plate numbers, spouse or pet names, etc.
    • Use dictionary words, e.g. football,  monkey,  antidisestablishmentarianism,  etc.
    • Use keyboard patterns, e.g. qwertyuiop,  1qaz2wsx,  !@#$%^&*,  etc.
    • Use simple sequences, e.g. abc123,  9876543210,  aeiouy,  etc.
    • Use common passwords, e.g. letmein,  passw0rd,  trustno1,  etc.
    • Write down or store (in plain text) your password where it can be easily found
    • Re-use the same password for different sites, otherwise a compromise of one of your accounts can expose others



    Published