Why It's Important
Passwords are one of our first lines of defense for us when we use the Internet. Unfortunately, the passwords we choose are oftentimes our weakest defense. To make it easier on ourselves, we often choose a password that is too easy to remember. These easy to remember passwords are also easy for others to guess or break.
What You Can Do About It
A strong password should:
- Be ten or more characters in length.
- Not be a name or a word from the dictionary.
- Have one or more upper-case letters.
- Have one or more lower-case letters.
- Have one or more digits (numbers).
- Have one or more other printable characters or symbols (~!@#$%^&*).
Never give your password to anyone else and, never let anyone else use your computer account. Consider changing your password at least once a semester.
There are tricks you can use to come up with a strong password that is still easy to remember. For example, think of a favorite line from a movie or poem then, pick the first letter from each word, and capitalize every other letter. You could also combine two short words together and capitalize one word but not the other. Be sure to include some digits (numbers) and other special characters in your password.
Consider using a password manager to help manage all of your passwords and create secure passwords for you. You only have to remember one master password to unlock all of your passwords. However, please note that not all managers are created equal. The best passwords managers are the ones that work locally. While we can't endorse a particular product, we recommend that you find a solution that:
- Is compatible with the devices and browsers you use.
- Supports multi-factor authentication (MFA) via an authenticator app or token. MFA's using text is NOT recommended.
- Notifies you if any of your accounts are part of online breaches.
- Warns you about weak or duplicate passwords you may be using.
Please also be cautious of phishing and other attempts to gather your password. Instead of using links from emails go to your online accounts, go directly to the website or application to log in.