Unfortunately, computer crackers have developed methods for discovering simple passwords. For this reason, the new password you enter is checked. If it is not complex enough, you are asked to think of another one. You are also encouraged to change your password on a frequent basis. Your password must meet the following criteria:
- The password must have at least eight characters.
- The password must not appear in any dictionary.
- The password must contain both lowercase and uppercase alphabetic characters.
- The password must contain a number.
- The password should contain non-alphanumeric characters such as !, #, $, %, ^, &, *, (, ), etc.
A password is NOT ACCEPTED if it fails any of these tests:
- The password has fewer than eight characters.
- The password is composed entirely of uppercase or lowercase letters, numbers, or is simply capitalized.
- The password matches anything in your Unix account information, such as your login name or an item from your "finger" data entry.
- The password is found in the hackers' dictionary of common passwords.
- The password fails any of these tests when reversed, pluralized, or truncated.
So how do you come up with an acceptable password that you can remember? Here are some practical pointers:
- Multiple word passwords -- Try joining several words together with characters in upper and lower case. (YoU2mE, p0P4bAnG)
- Pet names and other corny nicknames -- Often we name things with off-the-wall, non-dictionary words. Vary the case. (aRfyMYd0G, PhId0k9)
- Acronyms of quotations important to you -- "Neither a borrow nor a lender be" becomes NaBnaLb.
- The first characters of the middle names of the members of your family, in order by age, with numbers for how many pets they have had. (Ta2BH1kl3)
Other password tips:
- Do not replace letters with similar-looking numbers. For instance, (he11o, pr3tty) are not secure passwords. Some programs used to crack passwords know this trick and include it in their cracking algorithms.
- Use uppercase and lowercase carefully. Many systems consider "a" to be different from "A". When changing your password, first make sure your CAPS LOCK key is not on.
- Do not share your password. If you give someone your password, that person could use your account to cause harm.
Why are passwords important? Occasionally, intruders attempt to gain access to shared computer systems through the accounts of others. Their motives vary from curiosity to criminal malice. At risk are:
- Your files. An intruder can steal, modify, or destroy the information you keep on the shared computer. The privacy of your e-mail is also at stake.
- Your reputation. An intruder can send slanderous, defamatory, or otherwise embarrassing e-mail from your account, under your name. An intruder could also store material on your account that would implicate you in illegal or unethical acts.
- Hackers have gained access to accounts on many University computers. A person with unauthorized access to your account can corrupt your files, delete or modify important information, or eat up your resources. In addition, hackers often run programs that put a heavy burden on the University's computers, degrading service FOR ALL users.
